Date: Wed, 10 Jan 2001 22:55:48 -0600 (CST)
From: Steve <vandena@ispchannel.com>
To: David Schultz <vvortex1@home.com>
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: ssh inop
Message-ID: <Pine.BSF.4.21.0101102232470.260-100000@testbed.com>
In-Reply-To: <000b01c07aff$1764b920$0100a8c0@mshome.net>

Dave:

Thanks for the reply. I agree that it seems weird that it's trying to listen on 0.0.0.0 and on ::. In looking at the man pages, /etc/sshd_config was the first place I checked to make sure settings were correct. However, all settings are as default... i.e. commented out. Checking ps -ax | grep sshd turned up just sshd running and the grep command.

For the ruleset, I loaded the included default "open" ruleset (in /etc/rc.firewall), which should pretty much allow everything also. Still no luck. I disabled the firewall in /etc/rc.conf, rebooted, and still got the errors as shown below. I can log into the box locally. (Is it possible to ssh from one port to the other? I tried that for S&G's and it didn't work, either.)

When I was running 4.0 in the past, there were no problems getting it up and running with all of the default settings untouched. I have had ssh working on 4.2 prior to this (albeit the connection took a considerable length of time!). All that has been done to this point is a completely fresh new install of 4.2, the firewall and natd settings in the kernel, and ssh loaded from the ports collection.

I'm stumped... If I could figure out where FBSD is getting the erroneous bind info described below, I think I'll be able to back-trace it from there.

Any and all suggestions are welcome...

TIA...

Steve

On Wed, 10 Jan 2001, David Schultz wrote:

> > Running FBSD 4.2-RELEASE with ipfw and natd. Installed ssh without any
> > problems. Tried to access my FBSD machine from any system on either side
> > of the firewall and was unable to connect...timeout error. I specified my
> > IP address on each side of the firewall in /etc/ssh/sshd_config. Still
> > unable to log in via ssh (timeout error). Looked in /var/log/messages and
> > found the following error:
> >
> > sshd[260]: error: Bind to port 22 on :: failed: Address already in use.
> > sshd[260]: error: Bind to port 22 on 0.0.0.0 failed: Address already in
> > use.
> > sshd[260]: fatal: Cannot bind all addresses.
>
> It somehow seems wrong that sshd would be trying to listen on 0.0.0.0. I
> suspect that (a) you specified an invalid ListenAddress in sshd_config or
> (b) you uncommented the "#ListenAddress 0.0.0.0" and "#ListenAddress ::"
> examples in the file without actually changing the addresses. (The latter is
> just a null IPv6 address.) It's usually best to leave it on the default
> setting (i.e. comment out ListenAddress), which is to listen on all local
> interfaces. OpenSSH has created a very secure daemon, and I doubt there is
> any justifiable security concern to warrant blocking logins from certain
> interfaces.
>
> If you've still got trouble, see if "ps -ax |grep sshd" turns up anything.
> If so, try to connect to the box locally. You could also try disabling the
> firewall temporarily, but I doubt that it is to blame. Just make sure you
> actually are loading a ruleset--- unless you changed it in the kernel
> configuration, the default is to deny everything.
>

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message