Date: Thu, 6 May 2010 17:18:17 -0700 From: Gary Kline <kline@thought.org> To: Tim Daneliuk <tundra@tundraware.com> Cc: FreeBSD Mailing List <freebsd-questions@freebsd.org> Subject: Re: ssh: port 22: connection refuused Message-ID: <20100507001817.GB43291@thought.org> In-Reply-To: <4BE3392E.6030405@tundraware.com> References: <20100506172149.GA42430@thought.org> <4BE2FD22.3060302@tundraware.com> <20100506213556.GB42975@thought.org> <4BE33781.90108@tundraware.com> <4BE3392E.6030405@tundraware.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, May 06, 2010 at 04:48:30PM -0500, Tim Daneliuk wrote: > On 5/6/2010 4:41 PM, Tim Daneliuk wrote: > > On 5/6/2010 4:35 PM, Gary Kline wrote: > >> On Thu, May 06, 2010 at 12:32:18PM -0500, Tim Daneliuk wrote: > >>> On 5/6/2010 12:21 PM, Gary Kline wrote: > >>>> > >>>> can anybody help me with ne of my last problems: getting ssh Into > >>>> my new comuter? i am able to ssh outside. need to scp my config > >>>> files over. > >>>> > >>>> sshd is running on "zen" > >>>> > >>>> > >>> > >>> This generally involves two or three steps: > >>> > >>> 1) Make sure /etc/rc.conf has this in it: > >>> > >>> sshd_enable="YES" > >> > >> Yes; this was my first try. no diff. > >>> > >>> 2) Make sure /etc/hosts.allow permits access > >>> to your machine via ssh. Something like this: > >>> > >>> sshd: 192.168. a_host-name.com an.ip.add.ress :ALLOW > >>> > >>> Some people do this: > >>> > >>> sshd: ALL :ALLOW > >>> > >>> That's fine if the machine sits on a trusted LAN, but I don't > >>> much like this for machines that are internet-facing ... it > >>> just provides another vector for attack. So, for such machines, > >>> I explicitly name the address and names that are permitted ssh access. > >> > >> ok. itried this; have not rebooted yet. no difference right > >> now. > >> > >>> > >>> 3) If you're running a firewall, make sure that the sshd ports > >>> (22/tcp and 22/udp) are open for those machines/addresses > >>> you want to connect into your FreeBSD box. > >>> > >> > >> > >> i'm runnning a pfSense computer; pretty sure that things are > >> sett correctly there. > >> > >>> > >>> If you are still having trouble, go to the client machine > >>> and invoke your session like this: > >>> > >>> ssh -vvvvv your_freebsd_machine > >>> > >> > >> the files in /etc/ssh were the first thing i thought of > >> editing. didn't see many differences between rel 8.0 and my > >> current 7.3. still, here is the verbose output. > >> > >> > >> pl 14:20 <tao> [5036] ssh zen > >> ssh: connect to host zen port 22: Connection refused > >> pl 14:20 <tao> [5037] ssh -vvvv zen > >> OpenSSH_5.1p1 FreeBSD-20080901, OpenSSL 0.9.8e 23 Feb 2007 > >> debug1: Reading configuration data /etc/ssh/ssh_config > >> debug2: ssh_connect: needpriv 0 > >> debug1: Connecting to zen [10.47.0.190] port 22. > >> debug1: connect to address 10.47.0.190 port 22: Connection > >> refused > >> ssh: connect to host zen port 22: Connection refused > >> pl 14:22 <tao> [5038] > >> > >> any idea what the ``needpriv 0'' means? > >> > >> > >> > > > > > > What's in your /etc/hosts.allow file? > > > > > Oh ... one other thing ... make sure sshd is actually running. > If you changed the /etc/rc.conf enable line without either rebooting > or doing a kill -HUP 1, you may not have a running daemon. > i'm like 9.99-bar % sure sshd is up; i did ti the long way by sh /etc/rc.d/ssh restart and so it has to have exec. i just poked around on google and there is some noise about ssh failing from outside. i'm downloading a cd of 8.0 (i386)! of the Real-Thing: freebsd. it should be about an hour. the main//only reason i messed with linux was that for reasons unknown [completely], FBSD messed up on streams. but in just the past several weeks i'm able to play audio and video streams here on my old '03 Dell. i've got 7.3 here, but using firefox3: yes. i use konqueror because it has text/speech builtin. on the kde4, i see that konq4 seems ready to play streams. nutshell, no more going to/fro. > > -- > ---------------------------------------------------------------------------- > Tim Daneliuk tundra@tundraware.com > PGP Key: http://www.tundraware.com/PGP/ > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" -- Gary Kline kline@thought.org http://www.thought.org Public Service Unix The 7.83a release of Jottings: http://jottings.thought.org/index.php http://journey.thought.org 99 44/100% Guaranteed Novel
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20100507001817.GB43291>