From: Matt Piechota
To: Kostas Kourkounis
Cc: freebsd-security@freebsd.org
Date: Fri, 29 Dec 2006 10:01:11 -0500 (EST)
Subject: Re: ssh session from external machine
Message-ID: <20061229095905.L11633@acropolis.argolis.org>

On Fri, 29 Dec 2006, Kostas Kourkounis wrote:

> I am having a small problem with the ssh daemon on my FreeBSD box. I am
> using the standard ssh daemon asked at the installation. I am able to access
> my box using ssh from the internal LAN network but not from any external
> machine. The error code is connection refused. I am using release 6.1 and my
> modem firewall permits the inbound traffic on port 22. I also use port
> forwarding for sending the traffic to port 22 to the correct machine where
> the ssh daemon is running. Maybe I am missing any configuration hint or
> something else.
> Does anyone have any idea?

The first step I'd take would be to run tcpdump on your internal machine to
verify that the packets are getting through the firewall, and if the internal
machine is responding. That's just troubleshooting 101.

--
Matt Piechota
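
An added example, not part of the message above: one way to read the capture that the reply suggests, sorting it into "nothing arrived", "host refused", "host answered" or "host stayed silent". The interface name `em0`, the addresses, and the sample lines are constructed assumptions, and the parser assumes the text output format of current `tcpdump -n` releases (`Flags [S]` and so on).

```shell
#!/bin/sh
# Capture on the internal sshd host while an external client tries to connect:
#   tcpdump -n -i em0 'tcp port 22' > ssh.cap      (em0 is an assumed interface)
# then classify it:
#   classify_ssh_capture 192.168.1.10 < ssh.cap
#
# Verdicts:
#   no-syn           no connection attempt reached this host: look at the
#                    modem firewall rule and the port-forward target
#   refused-by-host  the SYN arrived and this host sent a reset: sshd is not
#                    listening on that address, or a local filter rejects it
#   answered         this host sent SYN-ACK: look at the return path
#   no-reply         the SYN arrived but nothing went back: local filter drop
classify_ssh_capture() {
    host="$1"    # internal address of the sshd machine
    awk -v dst="$host.22" '
        {
            # tcpdump -n line: time IP src.port > dst.port: Flags [..], ...
            flags = ""
            for (i = 6; i <= NF; i++)
                if ($i == "Flags") { flags = $(i + 1); break }
            sub(/,$/, "", flags)
            to = $5; sub(/:$/, "", to)
            if (to == dst && flags == "[S]") syn++
            else if ($3 == dst && flags == "[S.]") synack++
            else if ($3 == dst && flags ~ /R/) rst++
        }
        END {
            if (!syn) print "no-syn"
            else if (synack) print "answered"
            else if (rst) print "refused-by-host"
            else print "no-reply"
        }'
}

# Constructed sample: external client 203.0.113.5, sshd host 192.168.1.10.
sample_capture() {
    cat <<'EOF'
10:01:11.100000 IP 203.0.113.5.51234 > 192.168.1.10.22: Flags [S], seq 100, win 65535, length 0
10:01:11.100200 IP 192.168.1.10.22 > 203.0.113.5.51234: Flags [R.], seq 0, ack 101, win 0, length 0
EOF
}

sample_capture | classify_ssh_capture 192.168.1.10
```

Run the capture while only the external client is connecting, since a login from the LAN would also count as an arriving SYN.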