Date: Wed, 6 Dec 2000 21:41:27 -0500 (EST)
From: Jim Freeze
To: Edwin Groothuis
Cc: freebsd-questions@freebsd.org
Subject: Re: Can no longer ssh
In-Reply-To: <20001206153640.D32018@d9168.upc-d.chello.nl>

On Wed, 6 Dec 2000, Edwin Groothuis wrote:

> euh, if you add the first line again, which made it impossible for
> you to ssh to the machine, then "ipfw zero" to get rid of everything
> and then try to login again, that is when there is useful information
> in this list. Then we can also have a look at /var/log/security
> which tells you which packets are being blocked.
>

euh is right.
OK, I'm still a novice here. Here is what I have done.

# sh /etc/rc.firewall

This put all the original 'simple' firewall rules back in place.

# ipfw zero

Apparently this cleared a log file or log counter, but I don't have
/var/log/security so I don't know where ipfw or natd is logging to.

From a remote host (outside) I attempted to ssh in:

$ ssh -v -l jfreeze 24.9.218.175
SSH Version OpenSSH-2.1, protocol versions 1.5/2.0.
Compiled with SSL (0x00904100).
debug: Reading configuration data /usr/local/etc/ssh_config
debug: ssh_connect: getuid 0 geteuid 0 anon 0
debug: Connecting to 24.9.218.175 [24.9.218.175] port 22.
debug: Allocated local port 968.
--it stopped and hung at this point

Back on the gateway machine:

/var/log/messages
Dec 6 21:29:47 eeyore1 /kernel: ipfw: Accounting cleared.

No record of the ssh activity.

====================================================
Jim Freeze
jim@freeze.org
---------------------------------------------------
** http://www.freeze.org **
====================================================
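
Added example, not part of the original message or of FreeBSD: a shell filter for the step discussed above (zero the counters, retry the connection, then see which rule matched). It reads `ipfw -a list` output and reports deny-type rules with non-zero packet counts and whether each carries the `log` keyword; the sample rules, the interface name and the names `blocking_rules` and `sample_counters` are constructed for illustration.

```shell
#!/bin/sh
# Added example. Input: `ipfw -a list` output, one rule per line as
#   <rule number> <packet count> <byte count> <action> [log ...] <rule body>
# Output: every deny-type rule that has matched packets since the counters
# were last cleared with `ipfw zero`, tagged with whether it has `log`.
# A rule without `log` drops packets without writing any log entry.
blocking_rules() {
    awk '
    # Only lines that start with three numeric fields are counter lines.
    $1 ~ /^[0-9]+$/ && $2 ~ /^[0-9]+$/ && $3 ~ /^[0-9]+$/ &&
    ($4 == "deny" || $4 == "reject" || $4 == "reset" || $4 == "unreach") &&
    $2 > 0 {
        logged = ($5 == "log") ? "logged" : "not-logged"
        rule = $4
        for (i = 5; i <= NF; i++) rule = rule " " $i
        printf "%s pkts=%s %s: %s\n", $1, $2, logged, rule
    }'
}

# Constructed sample of counters after `ipfw zero` and one failed ssh
# attempt. These rules are illustrative, not the contents of rc.firewall.
sample_counters() {
    cat <<'EOF'
00100    42     5124 allow ip from any to any via lo0
00200     0        0 deny ip from any to 127.0.0.0/8
00400    18     2210 allow tcp from any to any established
00500     0        0 allow tcp from any to 24.9.218.175 25 setup
00600     3      180 deny tcp from any to any in via ed0 setup
00700     1       78 deny log udp from any to any in via ed0
65535     0        0 deny ip from any to any
EOF
}

# On the gateway itself:  ipfw -a list | blocking_rules
sample_counters | blocking_rules
```

In the sample, rule 00600 accounts for the three dropped connection attempts but has no `log` keyword, so the hang on the client side leaves nothing in the logs.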