From owner-freebsd-questions Thu Jan 11 3:59:12 2001 Delivered-To: freebsd-questions@freebsd.org Received: from smtp2a.ispchannel.com (smtp.ispchannel.com [24.142.63.7]) by hub.freebsd.org (Postfix) with ESMTP id 2E6FB37B400 for ; Thu, 11 Jan 2001 03:58:55 -0800 (PST) Received: from cm-206-31-81-96.gulfbreeze.mediacom.ispchannel.com ([206.31.81.96]) by smtp2a.ispchannel.com (InterMail vK.4.02.00.00 201-232-116 license 7d3764cdaca754bf8ae20adf0db2aa60) with ESMTP id <20010111120208.OUVT382.smtp2a@cm-206-31-81-96.gulfbreeze.mediacom.ispchannel.com>; Thu, 11 Jan 2001 04:02:08 -0800 Date: Thu, 11 Jan 2001 05:58:49 -0600 (CST) From: Steve X-Sender: vandena@testbed.com To: David Schultz Cc: freebsd-questions@FreeBSD.ORG Subject: Re: ssh inop In-Reply-To: <000b01c07aff$1764b920$0100a8c0@mshome.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG This morning I deinstalled ssh and rebooted. No error messages like below. However, still timed out when trying to ssh in. Can someone tell me if Is there a major difference between OpenSSH (which is installed by default, correct?) and SSH that may be causing this problem? On Wed, 10 Jan 2001, David Schultz wrote: > > Running FBSD 4.2-RELEASE with ipfw and natd. Installed ssh without any > > problems. Tried to access my FBSD machine from any system on either side > > of the firewall and was unable to connect...timeout error. I specified my > > IP address on each side of the firewall in /etc/ssh/sshd_config. Still > > unable to log in via ssh (timeout error). Looked in /var/log/messages and > > found the following error: > > > > sshd[260]: error: Bind to port 22 on :: failed: Address already in use. > > sshd[260]: error: Bind to port 22 on 0.0.0.0 failed: Address already in > > use. > > sshd[260]: fatal: Cannot bind all addresses. > > It somehow seems wrong that sshd would be trying to listen on 0.0.0.0. I > suspect that (a) you specified an invalid ListenAddress in sshd_config or > (b) you uncommented the "#ListenAddress 0.0.0.0" and "#ListenAddress ::" > examples in the file without actually changing the addresses. (The latter is > just a null IPv6 address.) It's usually best to leave it on the default > setting (i.e. comment out ListenAddress), which is to listen on all local > interfaces. OpenSSH has created a very secure daemon, and I doubt there is > any justifiable security concern to warrant blocking logins from certain > interfaces. > > If you've still got trouble, see if "ps -ax |grep sshd" turns up anything. > If so, try to connect to the box locally. You could also try disabling the > firewall temporarily, but I doubt that it is to blame. Just make sure you > actually are loading a ruleset--- unless you changed it in the kernel > configuration, the default is to deny everything. > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message