Hi, Roberto, The 'ssh -vvv jdgrieco@192.168.1.10' output is:
OpenSSH_5.9p1 Debian-5ubuntu1.1, OpenSSL 1.0.1 14 Mar 2012 debug1: Reading configuration data /home/jdgrieco/.ssh/config debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to 192.168.1.10 [192.168.1.10] port 22. debug1: Connection established. debug3: Incorrect RSA1 identifier debug3: Could not load "/home/jdgrieco/.ssh/id_rsa" as a RSA1 public key debug1: identity file /home/jdgrieco/.ssh/id_rsa type 1 debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048 debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048 debug1: identity file /home/jdgrieco/.ssh/id_rsa-cert type -1 debug1: identity file /home/jdgrieco/.ssh/id_dsa type -1 debug1: identity file /home/jdgrieco/.ssh/id_dsa-cert type -1 debug1: identity file /home/jdgrieco/.ssh/id_ecdsa type -1 debug1: identity file /home/jdgrieco/.ssh/id_ecdsa-cert type -1 ssh_exchange_identification: read: Connection reset by peer Both dumps are attached Em 27-01-2014 13:03, Roberto C. Sánchez escreveu:
On Mon, Jan 27, 2014 at 12:46:00PM -0200, "José D. Grieco" wrote:Hi, I have in rules file: SSH/ACCEPT all all but I can't connect to FW from net interface, only from local interface. If I stop shorewall (shorewall clear) the ssh connection is established without any problem. I using shorewall 4.5.5.3 on a debian machine. Any advice??José, In order to help you troubleshoot the problem, we will need the output of 'shorewall dump' run as root. In order to make the output useful, run the command with the failing configuration in place and after attempting an SSH connection. Also, the output of 'ssh -vvv [host]' might be helpful, but we may not need that just yet. Regards, -Roberto ------------------------------------------------------------------------------ CenturyLink Cloud: The Leader in Enterprise Cloud Services. Learn Why More Businesses Are Choosing CenturyLink Cloud For Critical Workloads, Development Environments & Everything In Between. Get a Quote or Start a Free Trial Today. http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
dump_after_ssh_attempt.txt.gz
Description: GNU Zip compressed data
dump_in_place.txt.gz
Description: GNU Zip compressed data
------------------------------------------------------------------------------ CenturyLink Cloud: The Leader in Enterprise Cloud Services. Learn Why More Businesses Are Choosing CenturyLink Cloud For Critical Workloads, Development Environments & Everything In Between. Get a Quote or Start a Free Trial Today. http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
