From owner-freebsd-current Mon Mar 3 8:26: 2 2003 Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 93A5E37B401 for ; Mon, 3 Mar 2003 08:25:59 -0800 (PST) Received: from klentaq.com (ip-64-32-219-171.nyc.megapath.net [64.32.219.171]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9702A43F3F for ; Mon, 3 Mar 2003 08:25:58 -0800 (PST) (envelope-from currently@klentaq.com) Received: by klentaq.com (Postfix, from userid 1013) id C9A957F6; Mon, 3 Mar 2003 10:26:09 -0600 (CST) Date: Mon, 3 Mar 2003 10:26:09 -0600 From: Wayne Barnes To: Andre Guibert de Bruet Cc: current@freebsd.org Subject: Re: can't sshd into box Message-ID: <20030303102609.B70601@klentaq.com> References: <20030303000955.A69139@klentaq.com> <20030303020915.B59207@alpha.siliconlandmark.com> <3E6303EE.9516823A@mindspring.com> <20030303101317.P59207@alpha.siliconlandmark.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <20030303101317.P59207@alpha.siliconlandmark.com>; from andy@siliconlandmark.com on Mon, Mar 03, 2003 at 10:48:15AM -0500 Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Dear Andre, Yes, I can telnet and ssh on loopback. Boy, that debug setting on the telnetd sure dumps a lot of output on the telnet side (but is still silent on the screen where I started it). - Wayne On Mon, Mar 03, 2003 at 10:48:15AM -0500, Andre Guibert de Bruet wrote: > > On Sun, 2 Mar 2003, Terry Lambert wrote: > > > Andre Guibert de Bruet wrote: > > > On Mon, 3 Mar 2003, Wayne Barnes wrote: > > > > Immediately after rebooting, I get this: > > > > > > > > root@etaq3:/home/wayne>telnetd -debug > ^^^^^^^ > > > > telnetd: bind: Address already in use > > > > > > > > This doesn't happen on my other (working) system. > > > > Could this be a clue to my problem? > > > > > > Telnetd is telling you that something else is listening on port 23. This > > > is most probably inetd. Do a 'killall inetd' then try that command. > > > > That's not only going to stop inetd from sitting on the port, > > it will probably also make telnet into the box start working, > > if it's related to the TCP wrappers (if he had modified his > > hosts.allow with the advice from a previous poster, he would > > not be having this problem, if that happens, so rather than > > posting his problem over and over again, maybe he should read > > the responses, and at least tell us if they worked?). > > > > Otherwise, another common culprit is ipfw; if he has the > > firewall enabled, the default is to block everything. > > > > Given that he got a connection, and that it was subsequently > > closed, though, rather than not getting a connection at all, > > it's a safe bet that it's the TCP wrappers, not the ipfw, that > > is causing the trouble. > > > > In which case, he should take the advice on the hosts.allow > > file contents that he was given earlier, and it will fix his > > problem... > > Terry, > > Part of the original message said the following: > > I have installed 5.0 into a new Dell. I have not set up anything > special yet (no firewall, no natd, etc.). > <...> > Is there a new default connecton protection that I must turn off, or > something? [/etc/hosts.allow is the default setting, I see no answer > there.] > > > If I recall correctly, we don't ship GENERIC with any firewalling options > enabled, so like you said, this is not likely to be a firewalling issue. > > 5.0R's /etc/hosts.allow shipped with something like the following at the > top of the file: > # Start by allowing everything (this prevents the rest of the file > # from working, so remove it when you need protection). > # The rules here work on a "First match wins" basis. > ALL : ALL : allow > > If Wayne was trying to run 'telnetd -debug', would it not make sense for > him to kill inetd first (or at least reconfigure inetd.conf then hup it) > before running the daemon in debug mode at the command line? > > Wayne: Can you successfully login using telnet over the loopback > interface? > > Regards, > > > Andre Guibert de Bruet | Enterprise Software Consultant > > > Silicon Landmark, LLC. | http://siliconlandmark.com/ > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-current" in the body of the message -- -- Wayne M Barnes, currently@klentaq.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message