From owner-freebsd-questions Sun Mar 2 13: 3:33 2003 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1CFB837B401; Sun, 2 Mar 2003 13:03:32 -0800 (PST) Received: from ra.dweebsoft.com (ra.dweebsoft.com [209.237.40.34]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7189A43FCB; Sun, 2 Mar 2003 13:03:31 -0800 (PST) (envelope-from daxbert_news@dweebsoft.com) Received: from ra.dweebsoft.com (localhost [127.0.0.1]) by ra.dweebsoft.com (8.12.6/8.12.6) with ESMTP id h22L3TCF058884; Sun, 2 Mar 2003 13:03:30 -0800 (PST) (envelope-from daxbert_news@dweebsoft.com) Received: (from http@localhost) by ra.dweebsoft.com (8.12.6/8.12.3/Submit) id h22L3T66058883; Sun, 2 Mar 2003 13:03:29 -0800 (PST) X-Authentication-Warning: ra.dweebsoft.com: http set sender to daxbert_news@dweebsoft.com using -f Received: from 64.81.58.36 ( [64.81.58.36]) as user daxbert@localhost by ra.dweebsoft.com with HTTP; Sun, 2 Mar 2003 13:03:29 -0800 Message-ID: <1046639009.3e6271a1b2285@ra.dweebsoft.com> Date: Sun, 2 Mar 2003 13:03:29 -0800 From: Daxbert To: Wayne Cc: "" , "" Subject: Re: can't sshd into box MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit User-Agent: Internet Messaging Program (IMP) 3.1 X-Originating-IP: 64.81.58.36 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Quoting Wayne : > I have installed 5.0 into a new Dell. I have not set up anything > special yet (no firewall, no natd, etc.). > > I can ssh out to the world, but I can't get into the new box from the > gateway FreeBSD box on the same home network. The gateway box properly > lists the new box in /etc/hosts. Each box can ping the other by name > and by ip. > > I enabled telnet in inetd.conf, and I get rejected, also. > > Is there a new default connecton protection that I must turn off, or > something? [/etc/hosts.allow is the default setting, I see no answer > there.] > > wayne@etaq:/home/wayne>telnet etaq3 > Trying 192.168.0.12... > Connected to etaq3.etaq.com. > Escape character is '^]'. > Connection closed by foreign host. > > wayne@etaq:/home/wayne>ping etaq3 > PING etaq3.etaq.com (192.168.0.12): 56 data bytes > 64 bytes from 192.168.0.12: icmp_seq=0 ttl=64 time=0.402 ms When you telnet to any tcp port and you receive 'Connected to xxxx' followed by an immediate Connection closed by foreign host, it almost always means tcp_wrappers is blocking your connection. FWIW - the 'Connected to' blurb means the 3-way TCP handshake was successful. I thought the default install has tcp_wrappers "open". Since it sounds like it's not open, add the following line to the very top of /etc/hosts.allow to effecctively disable tcp_wrappers: ALL : ALL : allow As another test... do the following: # telnet etaq3 22 Do you get an SSH banner immediately? eventually? never? --daxbert To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message