> | I can ssh IN to the site from outside.
> |
> | I can telnet in to and out from the site without difficulty.
> |
> | I can NOT ssh out from the site to anywhere. The response shown above
> | is repeatable and consistent. I'm really stumped!!
>
> So? Some firewalls stop you getting out (ours does - we use SOCKS to
> get out). Maybe ssh and telnet are in the list allowed _in_ (which
> is a bit odd - letting telnet in is pretty much an invitation to
> hack).
>
DUH..... I confess. Stupid cockpit error. The hosts having difficulty
connecting were configured in the lab where there is a socks
firewall and thus had a libsocks5.conf file. All attempts to ssh OUT
anywhere to the internet were trying to invoke a non-existent socks
proxy and thus generated the connection refused message. Commenting
out the contents of libsocks5.conf fixed the problem. I wonder at
this point if ssh can distinguish between a real "connection refused"
and a bogus attempt to access a non-existent firewall proxy.
Michael
[EMAIL PROTECTED]
