I'm using Dachstein CD 1.0.1 and its working great! I
have a question about OpenSSHD. I can connect (using
putty) from my internal network, but when I try from the
external (say, at work) I get "connection refused" in
the daemon log. I looked around for some help, and
can't figure out why
I did add a rule that should have opened port 22 in the
firewall, and since the deamon log shows an sshd message
refusing the connection, I am assuming it is getting
through.
I looked at the hosts.allow and hosts.deny, and didn't
see anything obvious allowing the internal network...
I'll lo
You are correct sir! I was also poking around the mail-
archive site and found a few hits that might help.
Thanks! After work I'll have to give it a shot.
Sean
P.S. When I first used ESB2, I was shocked to see
someone had tried to login to my firewall using SSH.
External access was on by
I'm back! I added a line in Hosts.allow to allow ALL
for sshd:
sshd: all:
Still can't get in today. Can anybody else see sshd on
my box? 12.243.228.133 Let me know. I searched the
archives, but up till now everyone was using sshd-1, and
it appears that it is different than opensshd. An
To be quite honest, I'm not sure where it is running
from. Its the Dachstein CD 1.0.1 setup with little or
no mods. Did you get a prompt to login? If so, maybe
my firewall at work is blocking the connection. I'll
see it in the logs when I get home I guess.
Thanks,
Sean
> Sean, tried to
I'll have to take a look when I get home. Unfortunately
I have no way to make a change, then test it externally
without going to work first. Can you tell anything from
the test you did? All I can see in my daemon logs so
far (even set to verbose) is connection denied. I have
never got to
Does anybody have a working Telnet for LEAF. I know, I
know, its not secure, but I'm SSHing into my LEAF box,
then I want to Telnet into another Linux box on my
internal network. Yes, I will try later to forward an
SSHD port to that box, but for now, how about Telnet? I
tried the one in Ox
Nevermind. I found a version that works on David's
latest Oxygen ISO.
> Does anybody have a working Telnet for LEAF. I know, I
> know, its not secure, but I'm SSHing into my LEAF box,
> then I want to Telnet into another Linux box on my
> internal network. Yes, I will try later to forward a
First a comment: The 1680 image, isn't that really a
1722 image? That causes MAJOR problems after you back
it up a couple of times. Seems to "mount" ok as a 1680,
but writes don't work too well!
The question:
After modifying the floppy (static IP, delete some
stuff) I added libz and sshd.
Strange about the 1680 size. Maybe I changed that after
I downloaded it? Oh well. I would have, because I need
the space.
SSHD - Nothing in any of the logs. I've set this up on
a few PCs in the past w/o problems. Maybe I'll copy the
file again. I had another issue last week where it
tu
Ok, sshd -d (debug!) returns:
Stuff
More Stuff
Bind to port 22 on 0.0.0.0 failed: Address already in
use.
Cannot bind any address.
-
This was Dach Floppy modified to be a static address.
How can I tell what is
Thanks, I did already work around that one.
I've been working with your 'stein diskettes for awhile
now, and they are really starting to make sense.
I'd hate to have to switch to another distro! In fact,
what I'm woring on now could probably be done easier
with another diskette disto (ox
No luck. Same results.
I had already checked with ps aux to see if it was
running already. I must have got something else running
on 22, butI have no idea what. Any magic to see what is
running on what ports?
Thanks,
Sean
> Did you stop sshd before starting it? That could generate an e
You are correct, but you get a specific error about libz
if it is not loaded.
Sean
> I have not seen where it was mentioned yet (nor do I know if it is required)
> but I thought that libz had to be loaded before sshd.
>
> Just a newbies two cents worth!
>
> Steve
>
> -Original Message
BTW, that is a literal "0.0.0.0" in the debug output,
not just me hiding my ip.
Sean
> Ok, sshd -d (debug!) returns:
>
>
> Stuff
> More Stuff
> Bind to port 22 on 0.0.0.0 failed: Address already in
> use.
> Cannot bind any address.
>
Speaking of lazy...I'm actually trying to create a "not
a firewall" floppy based Linux to run SETI@Home on some
junk PCs I have laying around. I'm pretty familiar with
the 'steins, so I thought I could just "delete some
stuff" and have a working system. I'm almost there,
except I need to be
I'm trying to compile a 2.2.19 Kernel on a Slink box
(preparing for some LEAF learning again).
I downloaded the linux-2.2.19.tar.gz tarball and put it
into /usr/src, and added a symlink to linux.
I did a make mrproper, then make menuconfig, then make
dep. On the make dep I get the followin
I have the opportunity to setup a firewall for a local
non-profit organization. They want Internet access for
their office. Both Cable and DSL are available in their
area. Prices and speed seem comparable. I have been
using Eiger and Dach 'steins for years with a cable
connection. I have
In this case, I have convinced them to host their
Website and Email with a service. The local access
would be for Email access (POP) and Web browsing only.
The local DSL provider (SNET telco) uses PPPoE last I
checked. None of the local cable providers do. Good
point about checking with th
This question comes up from time to time. After much
research and worrying, it usually turns out to be the
results of a class of tools represented by a product
called Big IP. This tool is sold to companies that want
to tailor the browsing experience of their visitors by
positioning Web Serv
I noticed this book in a local book store this weekend.
Might help you out?
http://safari.oreilly.com/main.asp?bookname=samba
> The problem I have is that I am looking at LEAF as an option for small
> offices, warehouses, etc. to access resources on corporate networks. I deal
> with quite large
Here is an interesting read about blocking IM and File
sharing. That should narrow things for you.
http://documents.iss.net/whitepapers/X-Force_P2P.pdf
> I am running Bering rc2 with ppp dial on demand. I have two teens that are
> using Instant Messaging (both AOL and MSN). Is there a way to bl
I scanned one of my firewalls just for the fun of it.
We've been using Nessus for scanning a client's network
to prepare for a security audit. Nothing fancy, just
a "default, don't DOS or destroy anything" type of
scan. Thought you all might be interested. Dach CD
1.02 (I updated some pac
I'm actually working on an updated cd. I have
added/updated ipmail.lrp, udhcp.lrp, sshkey.lrp,
sshd.lrp, sshd.lrp, sftp.lrp, and my libz.lrp was
updated previously. Any other packages I should
update/add? How about recent script changes? I'd be
willing to update those as well if needed.
Got them!
I'll wait until later tonight before making the ISO in
case anyone else has something to add.
Where should I upload the ISO to?
> > I already have psentry.lrp on my CD! Where are the
> > latest .lrp for the other packages? I get lost easily
> > on sourceforge. I'd be glad to add
And I will be getting an updated DachCD out someday
soon! With OpenSSH 3.4 I hope.
Lost a hard drive. Been trying to recover. I'll be
back at it soon.
I've got to sync up with everyone on any more script
changes that should be included.
Sean
> On Thu, 2002-06-27 at 04:33, Philippe Lepot w
The only "trick" with the cable modems is that
they "remember" the MAC address of the last nic
connected to them. If you plug a different nic in, they
don't connect. UNLESS you unplug the cable modem for a
few min. so it will forget the MAC address. Then
everything goes fine.
> Thanks, that
Correct me if I'm wrong here, but doesn't he need an
entry in his hosts.allow too?
Sean
> On Thursday 12 September 2002 08:27, Matt Walker wrote:
> > Thanks Lynn,
> >
> > Yes - ip_masq_portfw is loaded (I guess it's default setup - I didn't
> > add it, but it shows up when I lsmod). Am I doing
Is there any way to pre-load the dnscache with some
entries? Like telling it that *.doubleclick.* and
*.x10.* are 127.0.0.1?
TIA
Sean
---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
-
I know this is probably blasphemy, but I'd use
WinImage. WinImage can read in your current diskette,
then you can change the format to 1680 or 1722 and write
it back out. Then all you need to do is change the
floppy device in the syslinux.cfg file.
To make life easier, I just added a second
30 matches
Mail list logo