Date: Thu, 06 Mar 2003 09:54:56 -0300 From: "Daniel C. Sobral" <dcs@tcoip.com.br> To: Wayne <wayne@etaq.com> Cc: questions@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: can't sshd into box Message-ID: <3E674520.40301@tcoip.com.br> In-Reply-To: <20030302145643.A26191@etaq.com> References: <20030302145643.A26191@etaq.com>
next in thread | previous in thread | raw e-mail | index | archive | help
IIRC, 5.0-R has reverse name resolution for sshd (which is _always_=20 done, because of PAM, I think, no matter what the configuration file=20 say) run chrooted in /var/empty. Well, the problem with that is that, by = default (ie, in the absence of any configuration in /var/empty/etc)=20 127.0.0.1 is searched first, and if you have blackhole enabled (or=20 equivalent firewall rules), it takes a LONG time for it to realize no=20 answer is coming. Wayne wrote: > Dear FreeBSD, > > I have installed 5.0 into a new Dell. I have not set up anything > special yet (no firewall, no natd, etc.). > > I can ssh out to the world, but I can't get into the new box from t= he > gateway FreeBSD box on the same home network. The gateway box properly= > lists the new box in /etc/hosts. Each box can ping the other by name > and by ip. > > I have tried the OpenSSH that came with the system, and I > installed ssh-3.0 , and the result is the same. sshd is running > on the new box. > > I enabled telnet in inetd.conf, and I get rejected, also. > > Is there a new default connecton protection that I must turn off, o= r > something? [/etc/hosts.allow is the default setting, I see no answer > there.] > > - Wayne > > --------- example screen output below. The new box is etaq3 ------ > > wayne@etaq:/home/wayne>ssh etaq3 > ssh_exchange_identification: read: Connection reset by peer > > wayne@etaq:/home/wayne>telnet etaq3 > Trying 192.168.0.12... > Connected to etaq3.etaq.com. > Escape character is '^]'. > Connection closed by foreign host. > > wayne@etaq:/home/wayne>ping etaq3 > PING etaq3.etaq.com (192.168.0.12): 56 data bytes > 64 bytes from 192.168.0.12: icmp_seq=3D0 ttl=3D64 time=3D0.402 ms > 64 bytes from 192.168.0.12: icmp_seq=3D1 ttl=3D64 time=3D0.618 ms > 64 bytes from 192.168.0.12: icmp_seq=3D2 ttl=3D64 time=3D0.344 ms > --=20 Daniel C. Sobral Ger=EAncia de Opera=E7=F5es Divis=E3o de Comunica=E7=E3o de Dados Coordena=E7=E3o de Seguran=E7a TCO Fones: 55-61-313-7654/Cel: 55-61-9618-0904 E-mail: Daniel.Capo@tco.net.br Daniel.Sobral@tcoip.com.br dcs@tcoip.com.br To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3E674520.40301>