From owner-freebsd-questions  Wed Dec  6  0:11:14 2000
From owner-freebsd-questions@FreeBSD.ORG  Wed Dec  6 00:11:12 2000
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mailhost01.reflexnet.net (mailhost01.reflexnet.net [64.6.192.82])
	by hub.freebsd.org (Postfix) with ESMTP id 9E8AC37B400
	for <questions@freebsd.org>; Wed,  6 Dec 2000 00:11:12 -0800 (PST)
Received: from 149.211.6.64.reflexcom.com ([64.6.211.149]) by mailhost01.reflexnet.net  with Microsoft SMTPSVC(5.5.1877.197.19);
	 Wed, 6 Dec 2000 00:09:38 -0800
Received: (from cjc@localhost)
	by 149.211.6.64.reflexcom.com (8.11.0/8.11.0) id eB68B5a62341;
	Wed, 6 Dec 2000 00:11:05 -0800 (PST)
	(envelope-from cjc)
Date: Wed, 6 Dec 2000 00:10:59 -0800
From: "Crist J . Clark" <cjclark@reflexnet.net>
To: Jim Freeze <jim@freeze.org>
Cc: questions@FreeBSD.ORG
Subject: Re: Can no longer ssh
Message-ID: <20001206001059.G99903@149.211.6.64.reflexcom.com>
Reply-To: cjclark@alum.mit.edu
References: <Pine.BSF.4.21.0012051930020.13396-100000@www.bellnetworks.net> <Pine.BSF.4.21.0012052200500.14802-100000@www.bellnetworks.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 1.0i
In-Reply-To: <Pine.BSF.4.21.0012052200500.14802-100000@www.bellnetworks.net>; from jim@freeze.org on Tue, Dec 05, 2000 at 10:16:06PM -0500
Sender: cjc@149.211.6.64.reflexcom.com
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Tue, Dec 05, 2000 at 10:16:06PM -0500, Jim Freeze wrote:
> As I keep working on this issue, I keep inching forward. The ssh login
> 'su' garbage below was my mistake. In setting up the LAN I changed the
> name of my gateway. That is now fixed.
> 
> I verfied ssh was working by removing all the firewall rules with
> 
> # ipfw -f flush
> 
> Reading some of the postings on mailing list suggestd that divert should
> come after the firewall rules.
> 
> My rules started out with 
> 
> 00100 0   0 divert 8668 ip from any to any via vx0
> 00150 0   0 allow ip from any to any via lo0
> ...
> 
> If I remove 100
> 
> then ssh works, but of course I have killed my lan. I tried moving divert
> toward the end, but have not been sucessfull.
> 
> Can someone shed some light on this for me?

Could you tell us again what does and does not work? In your last
mail, you were ssh'ing to localhost and getting messages from sshd
about attempts to login as root? So, does,

  $ ssh -v -l joeuser localhost

Work sometimes?
-- 
Crist J. Clark                           cjclark@alum.mit.edu


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message