Skip site navigation (1)Skip section navigation (2)
Date:      16 Apr 2003 23:32:18 +0100
From:      Stacey Roberts <stacey@vickiandstacey.com>
To:        Tuc <tuc@ttsg.com>
Cc:        FreeBSD Questions <freebsd-questions@FreeBSD.ORG>
Subject:   Re: Changes in ssh?
Message-ID:  <1050532338.695.148.camel@localhost>
In-Reply-To: <200304162213.h3GMDtVI002954@himinbjorg.ttsg.com>
References:  <200304162213.h3GMDtVI002954@himinbjorg.ttsg.com>

next in thread | previous in thread | raw e-mail | index | archive | help
Hello,

On Wed, 2003-04-16 at 23:13, Tuc wrote:
> > 
> > Hello,
> >      Thanks for the reply..,
> > 
> > On Wed, 2003-04-16 at 22:47, Tuc wrote:
> > > > ssh_exchange_identification: Connection closed by remote host
> > > >
> > > 	TCPWRAPPERS/hosts.allow is the first thing I think of when
> > > it does this.
> > > 
> > 
> > I thought of this.,
> > 

> > <snipped>

> 
> 	There is the possibility that its getting caught on one of the
> other things above there. The new format seems to go incrementally. Use
> tcpdmatch and see if it will tell you what line causes the hit/miss:
> 
> himinbjorg# tcpdmatch sshd valhalla
> warning: sshd: no such process name in /etc/inetd.conf
> warning: valhalla: hostname alias
> warning: (official name: valhalla.ttsg.com)
> client:   hostname valhalla.ttsg.com
> client:   address  216.231.111.14
> server:   process  sshd
> matched:  /etc/hosts.allow line 23
> option:   allow 
> access:   granted
> 
> (Thats the ALL:ALL:allow... taking that out :)
> 
> himinbjorg# tcpdmatch sshd valhalla
> warning: sshd: no such process name in /etc/inetd.conf
> warning: valhalla: hostname alias
> warning: (official name: valhalla.ttsg.com)
> client:   hostname valhalla.ttsg.com
> client:   address  216.231.111.14
> server:   process  sshd
> matched:  /etc/hosts.allow line 82
> option:   severity auth.info
> option:   twist /bin/echo "You are not welcome to use sshd from valhalla.ttsg.com."
> access:   delegated
> 
> 	Fails otherwise.

Okay.., forgot about tcpdmatch..,

Here's what I get on the new (host0) box:
warning: sshd: no such process name in /etc/inetd.conf
warning: <host>: hostname alias
warning: (official name: <FQDN>)
client:   hostname <FQDN>
client:   address  192.168.1.7
server:   process  sshd
matched:  /etc/hosts.allow line 32
option:   deny 
access:   denied

And here's what's returned from the source (host1) box:
warning: sshd: no such process name in /etc/inetd.conf
client:   hostname <host>
client:   address  192.168.1.8
server:   process  sshd
matched:  /etc/hosts.allow line 30
option:   deny 
access:   denied

And another host2 on the network:
warning: sshd: no such process name in /etc/inetd.conf
client:   hostname <host>
client:   address  192.168.1.10
server:   process  sshd
matched:  /etc/hosts.allow line 30
option:   deny 
access:   denied

Note the differences in the output from the new box and others - host1 &
host2..,

Is there anything in this difference?

All but one box is running 4.8 Stable, the odd one out is running
4.8-RC, dated March 22, but running the same version of ssh as the
others..,

Regards,

Stacey

> 
> 		Tuc/TTSG Internet Services, Inc.
-- 
Stacey Roberts
B.Sc (HONS) Computer Science

Web: www.vickiandstacey.com




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1050532338.695.148.camel>