From owner-freebsd-questions Sat Aug 11 14:58:50 2001 Delivered-To: freebsd-questions@freebsd.org Received: from jezebel.demon.co.uk (jezebel.demon.co.uk [158.152.38.143]) by hub.freebsd.org (Postfix) with ESMTP id 7EE2C37B408 for ; Sat, 11 Aug 2001 14:58:44 -0700 (PDT) (envelope-from rdls@jezebel.demon.co.uk) Received: (from rdls@localhost) by jezebel.demon.co.uk (8.11.1/8.11.1) id f7BLsOe00814; Sat, 11 Aug 2001 22:54:24 +0100 (BST) (envelope-from rdls) Date: Sat, 11 Aug 2001 22:54:23 +0100 From: Richard Smith To: George Genovezos Cc: dkelly@hiwaay.net, freebsd-questions@freebsd.org Subject: Re: ipfw & firewall. Message-ID: <20010811225423.B733@gaia.home.rdls.net> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from ggenovez@hotmail.com on Sat, Aug 11, 2001 at 06:18:11AM +0000 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sat, Aug 11, 2001 at 06:18:11AM +0000, George Genovezos wrote: > Ok here is the latest & greatest out put > ipfw -at l > 00100 4 160 Fri Aug 10 23:11:40 2001 allow ip from any to any via fxp0 > 00200 0 0 allow tcp from any to any out xmit > fxp0 > setup > 00400 0 0 allow tcp from any 22 to any out > setup > 00500 1 44 Fri Aug 10 23:10:46 2001 allow tcp from any to any 22 in > setup > 00600 27 2242 Fri Aug 10 23:10:46 2001 allow ip from any to any via lo0 > 65435 0 0 deny log logamount 100 ip from any > to any > 65535 155 7708 Fri Aug 10 23:03:53 2001 deny ip from any to any > > now when I ssh to my box I get: > > ssh -v localhost > SSH Version OpenSSH_2.3.0 green@FreeBSD.org 20010321, protocol versions > 1.5/2.0.Compiled with SSL (0x0090600f). > debug: Reading configuration data /etc/ssh/ssh_config > debug: ssh_connect: getuid 0 geteuid 0 anon 0 Looks like you're trying to log in as root. /etc/ssh/sshd_config denies this by default. > debug: Connecting to localhost [::1] port 22. > debug: Allocated local port 863. > debug: connect: Connection refused > debug: Connecting to localhost [127.0.0.1] port 22. > debug: Allocated local port 862. > debug: Connection established. > debug: Remote protocol version 1.99, remote software version OpenSSH_2.3.0 > green@FreeBSD.org 20010321 > debug: match: OpenSSH_2.3.0 green@FreeBSD.org 20010321 pat ^OpenSSH[-_]2\.3 > > debug: Local version string SSH-1.5-OpenSSH_2.3.0 green@FreeBSD.org 20010321 > debug: Waiting for server public key. > debug: Received server public key (768 bits) and host key (1024 bits). > debug: Forcing accepting of host key for loopback/localhost. > debug: Encryption type: 3des > debug: Sent encrypted session key. > debug: Installing crc compensation attack detector. > debug: Received encrypted confirmation. > Permission denied. > debug: Calling cleanup 0x805c528(0x0) > > Any hints? clues? Ideas? > > Firewall issue or ssh? > > DNS apears to be working without any entries. Anything I need to be > concerned about? > > By the way Gary I got your messages and responded back to you I don't know > if you got my message. > > Thx Everybuddy. > > G > -- Richard Smith Network Systems Director Satamatics Ltd Green Lane, Tewkesbury, GL20 8HD, United Kingdom Tel: +44 1684 278610 Fax: +44 1684 278611 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message