From: "Daniel C. Sobral"
Date: Thu, 06 Mar 2003 09:54:56 -0300
To: Wayne
Cc: questions@FreeBSD.ORG, current@FreeBSD.ORG
Subject: Re: can't sshd into box

IIRC, 5.0-R has reverse name resolution for sshd (which is _always_
done, because of PAM, I think, no matter what the configuration file
says) run chrooted in /var/empty. Well, the problem with that is that, by
default (i.e., in the absence of any configuration in /var/empty/etc)
127.0.0.1 is searched first, and if you have blackhole enabled (or
equivalent firewall rules), it takes a LONG time for it to realize no
answer is coming.

Wayne wrote:
> Dear FreeBSD,
>
> I have installed 5.0 into a new Dell. I have not set up anything
> special yet (no firewall, no natd, etc.).
>
> I can ssh out to the world, but I can't get into the new box from the
> gateway FreeBSD box on the same home network. The gateway box properly
> lists the new box in /etc/hosts. Each box can ping the other by name
> and by ip.
>
> I have tried the OpenSSH that came with the system, and I
> installed ssh-3.0 , and the result is the same. sshd is running
> on the new box.
>
> I enabled telnet in inetd.conf, and I get rejected, also.
>
> Is there a new default connection protection that I must turn off, or
> something? [/etc/hosts.allow is the default setting, I see no answer
> there.]
>
> - Wayne
>
> --------- example screen output below. The new box is etaq3 ------
>
> wayne@etaq:/home/wayne>ssh etaq3
> ssh_exchange_identification: read: Connection reset by peer
>
> wayne@etaq:/home/wayne>telnet etaq3
> Trying 192.168.0.12...
> Connected to etaq3.etaq.com.
> Escape character is '^]'.
> Connection closed by foreign host.
>
> wayne@etaq:/home/wayne>ping etaq3
> PING etaq3.etaq.com (192.168.0.12): 56 data bytes
> 64 bytes from 192.168.0.12: icmp_seq=0 ttl=64 time=0.402 ms
> 64 bytes from 192.168.0.12: icmp_seq=1 ttl=64 time=0.618 ms
> 64 bytes from 192.168.0.12: icmp_seq=2 ttl=64 time=0.344 ms
>

--
Daniel C. Sobral
Operations Management
Data Communications Division
Security Coordination
TCO
Phones: 55-61-313-7654/Cell: 55-61-9618-0904
E-mail: Daniel.Capo@tco.net.br
        Daniel.Sobral@tcoip.com.br
        dcs@tcoip.com.br
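
A probe for the failure mode described in this message, as an added example that is not part of the original post: it sends one reverse (PTR) query to a resolver address and reports whether the failure was immediate (ICMP port unreachable came back) or a silent drop that has to wait out the timeout, which is what a blackholed closed port produces. The function names and the 2-second timeout are assumptions; 127.0.0.1 and 192.168.0.12 are taken from the thread.

```python
import socket
import struct
import time


def ptr_name(ipv4):
    """Reverse-lookup name for an IPv4 address (octets reversed + in-addr.arpa)."""
    return ".".join(reversed(ipv4.split("."))) + ".in-addr.arpa"


def build_ptr_query(ipv4, qid=0x1234):
    """Minimal DNS query packet: 12-byte header plus one PTR/IN question."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD flag, 1 question
    labels = ptr_name(ipv4).split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 12, 1)  # QTYPE=PTR, QCLASS=IN


def probe_resolver(server, port, client_ip, timeout=2.0):
    """Send one PTR query for client_ip; return (outcome, elapsed_seconds).

    'answered': a reply carrying our query ID came back
    'refused' : ICMP port unreachable arrived, so a resolver can move on at once
    'timeout' : nothing came back (dropped silently); the slow case
    'bogus'   : a datagram arrived but its ID does not match the query
    """
    query = build_ptr_query(client_ip)
    start = time.monotonic()
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.connect((server, port))  # connected UDP socket so ICMP errors surface
        try:
            s.send(query)
            reply = s.recv(512)
            outcome = "answered" if reply[:2] == query[:2] else "bogus"
        except ConnectionRefusedError:
            outcome = "refused"
        except socket.timeout:
            outcome = "timeout"
    return outcome, time.monotonic() - start


if __name__ == "__main__":
    # 127.0.0.1 is the resolver the message says is tried first;
    # 192.168.0.12 is the new box's address from the quoted output.
    print(probe_resolver("127.0.0.1", 53, "192.168.0.12"))
```

A `timeout` result multiplied by the resolver's retry count approximates the delay a connecting client sees before sshd finishes its lookup.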