Date: Tue, 13 Nov 2012 20:09:08 -0800 From: Gary Kline <kline@thought.org> To: Polytropon <freebsd@edvax.de> Cc: FreeBSD Mailing List <freebsd-questions@freebsd.org> Subject: Re: well, try here first... Message-ID: <20121114040908.GD16091@ethic.thought.org> In-Reply-To: <20121114023543.0a1737eb.freebsd@edvax.de> References: <20121113052159.GA31404@ethic.thought.org> <20121113063952.5c9bfaa2.freebsd@edvax.de> <20121113075721.GB3359@ethic.thought.org> <20121113090812.97e1c6a1.freebsd@edvax.de> <20121113185040.GA2570@ethic.thought.org> <20121114023543.0a1737eb.freebsd@edvax.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Nov 14, 2012 at 02:35:43AM +0100, Polytropon wrote:
> > box. it's got a web interface and runs some flavor of firewall that
> > I never studied. yuk.
>
> I assume your "HW firewall" protects you to the outside. Of
> course it should allow SSH connections from the outside to
> the "tao" box _if_ you want it that way.
my netgear and pfSense setup surprised me this afternoon. the
initial setup listed my internal IP as
10.47.0.114,
but something I did changed the DHCP leases section to
10.47.0.113 .
after that, I could ssh out and then ssh back to tao.
> But I was thinking about the firewall run by the Fedora OS
> that might block SSH connections to "tao", no matter from
> where they come, just as if you would have set up FreeBSD's
> ipfw with the default to deny connections: without explicitely
> enabling SSH connections the server cannot be reached, no
> matter if it's running.
>
I havent used ipfw for many years. the most recent firewall I
ran was on FBSD 5.X and was {i think} "pfw". I got quite good
at it. I should learn more about plain "pf" and pfSense.
do you know if pf/pfsense defaults to DENY incoming connections?
that would explain a Lot!
>
> > > > > The way _how_ to enable it depends on the distribution you're
> > > > > using and is very different among the Linusi.
> > > >
> > > > rt., and this is fedora, my least fav distro. But I've always had
> > > > trouble with ssh, even with FBSD.
> > >
> > > There is a nice summary on how to get the OpenSSH server
> > > set up on Fedora:
> > >
> > > http://www.techotopia.com/index.php/Configuring_Fedora_Linux_Remote_Access_using_SSH
> > >
> > > Basically, it's about installing and enabling it. The article
> > > also discusses how to enable configure the firewall properly.
> > >
> >
> >
> > thank you. I'll ck it out. also google other stuff if I have to.
>
> Check if the Techotopia article matches your version of Fedora.
> It shows how to install and enable the SSH server and also
> mentions the "built-in" firewall that has to be configured
> to allow connections to that server.
the URL you had was fedora-13; what I installed fedora-17.
and just recently--maybe when I rebooted--i saw fedora-19[?]
not sure... .
>
> >From my limited experience with Fedora (haven't used it for some
> time), this looks like what you need to do.
>
well, the deal is that my volunteer system admin worked for
red hat for about 5 years. I'm more used to ubuntu, but my
friend says that im on my own....
anyway, things are starting to eork. [!]
>
> --
> Polytropon
> Magdeburg, Germany
> Happy FreeBSD user since 4.0
> Andra moi ennepe, Mousa, ...
--
Gary Kline kline@thought.org http://www.thought.org Public Service Unix
Twenty-six years of service to the Unix community.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20121114040908.GD16091>