From owner-freebsd-questions Fri Mar 1 12:46:47 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mail1.cableone.net (mail1.cableone.net [24.116.0.51]) by hub.freebsd.org (Postfix) with ESMTP id B7C9D37B405 for ; Fri, 1 Mar 2002 12:46:34 -0800 (PST) Received: from mobile2.cableone.net ([24.116.49.212]) by mail1.cableone.net with Microsoft SMTPSVC(5.5.1877.687.68); Fri, 1 Mar 2002 13:46:33 -0700 Date: Fri, 1 Mar 2002 14:46:21 -0600 (CST) From: Denny White To: Sandro Mancuso Cc: 'Jeff Jirsa' , Subject: RE: sshd bind to port 22 fails In-Reply-To: <001c01c1c0ad$ff192e00$6400a8c0@windows> Message-ID: <20020301144508.E12864-100000@mobile2.cableone.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Another missed message. Sorry. It's working now out of rc.conf with the sshd program path set & the old script in /usr/local/etc/rc.d disabled. Thanks again for the help. Good luck with the exams too. On Thu, 28 Feb 2002, Sandro Mancuso wrote: > Date: Thu, 28 Feb 2002 18:16:48 -0500 > From: Sandro Mancuso > To: 'Jeff Jirsa' , freebsd-questions@FreeBSD.ORG > Subject: RE: sshd bind to port 22 fails > > As far as I know, commenting out a service in inetd.conf will > disactivate it, I could be wrong though, I have a bunch of exams to > study for so I'm not about to start looking at it.. I know that you can > also do it the way you said (which I hadn't thought of) but if mine > doesn't work, my apologies. > > Sandro > > > -----Original Message----- > > From: owner-freebsd-questions@FreeBSD.ORG [mailto:owner-freebsd- > > questions@FreeBSD.ORG] On Behalf Of Jeff Jirsa > > Sent: February 28, 2002 11:45 AM > > To: freebsd-questions@FreeBSD.ORG > > Subject: Re: sshd bind to port 22 fails > > > > > > > > > You should also disable sshd in inetd.conf as there's no need to > > have 2 > > > of them running. > > > > You mean /etc/rc.conf or /etc/defaults/rc.conf, right? The FreeBSD > > default > > is to install the standard sshd and activate it in > > /etc/defaults/rc.conf . > > Any installed sshd ports will install their scripts into > > /usr/local/etc/rc.d/sshd.sh . The init scripts start the one in > > /etc/defaults/rc.conf first, and then run the local init scripts in > > /usr/local/etc/rc.d, which fail, because the port is already in use > > by the > > first process. > > > > Incidently, rather than disabling sshd in /etc/defaults/rc.conf, you > > could > > point it to the OpenSSH 3.02 binary (typically installed as > > /usr/local/sbin/sshd) , rather than the default binary (typically > > /usr/sbin/sshd), by setting the sshd_program parameter. > > > > > > - Jeff > > > > > Generally speaking if you don't need to have a listen > > > IP designated. That's really only if you want people to be able > > to ssh > > > in only on a specific IP. If, in my setup, I'd specify an IP like > > you > > > have, I would no longer be able to ssh from one machine to the > > other > > > through the internal LAN. I'd have to specifically SSH to the one > > in > > > the sshd conf. As far as security goes, If you only accept ssh > > > connections on the sshd u installed from the ports on the Local > > IP, > > > there's no real problem there, as no one should be able to get > > into your > > > internal LAN. However, as I previously said, the sshd that is > > included > > > in inetd is still running... > > > > > > Sandro > > > > > > > -----Original Message----- > > > > From: owner-freebsd-questions@FreeBSD.ORG [mailto:owner-freebsd- > > > > questions@FreeBSD.ORG] On Behalf Of Denny White > > > > Sent: February 28, 2002 5:41 AM > > > > To: igorr@speechpro.com > > > > Cc: freebsd-questions@FreeBSD.ORG > > > > Subject: Re: sshd bind to port 22 fails > > > > > > > > -----BEGIN PGP SIGNED MESSAGE----- > > > > Hash: SHA1 > > > > > > > > I have OpenSSH 3.0.2 installed on here. > > > > I'm still sort of new to this. Use it > > > > mostly since I have a constant connection > > > > here & 3 machines. I looked in sshd_config > > > > & saw where ports to listen to were both > > > > commented out (:: & 0.0.0.0) & I remembered > > > > seeing that in the error messages, so I > > > > thought that it must default to that unless > > > > otherwise entered. So, I bound it to this > > > > IP on the local area network & it works > > > > fine now with no error messages. Also, I > > > > forgot to mention before that I could ssh > > > > out but no one else could ssh in. Now > > > > that works too. Are there any security > > > > issues as far as binding sshd to this > > > > local IP? I never had to do that on the > > > > other 2 machines, but this is a newer > > > > version too, on this machine. Thanks. > > > > > > > > > > > > On Thu, 28 Feb 2002, Igor Roboul wrote: > > > > > > > > > Date: Thu, 28 Feb 2002 13:00:19 +0300 > > > > > From: Igor Roboul > > > > > Reply-To: igorr@speechpro.com > > > > > To: freebsd-questions@FreeBSD.ORG > > > > > Subject: Re: sshd bind to port 22 fails > > > > > > > > > > On Thu, Feb 28, 2002 at 03:39:06AM -0600, Denny White wrote: > > > > > > -----BEGIN PGP SIGNED MESSAGE----- > > > > > > Hash: SHA1 > > > > > > > > > > > > Just reinstalled 4.5 on old machine to > > > > > > use for webserver. When boot finishes, > > > > > > get following message: > > > > > > sshd[136]: error: Bind to port 22 on :: > > > > > > failed: Address already in use. > > > > > > Same message for localhost. > > > > > > Checked /etc/services & port 22 is > > > > > > reserved for ssh. OpenSSL version is 0.9.6a > > > > > > OpenSSH version is 3.0.2 with patch > > > > > > openbsd28_3.0.2 > > > > > > If I kill the process & then restart it, > > > > > > no error messages come up. Thanks > > > > > > for any help I can get on this. > > > > > Do you have some ssh port intsalled? > > > > > pkg_info | grep ssh > > > > > > > > > > -- > > > > > Igor Roboul, System administrator at Speech Technology Center > > > > > http://www.speechpro.com http://www.speechpro.ru > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > > with "unsubscribe freebsd-questions" in the body of the > > message > > > > > > > > > -----BEGIN PGP SIGNATURE----- > > > > Version: GnuPG v1.0.6 (FreeBSD) > > > > Comment: For info see http://www.gnupg.org > > > > > > > > iD8DBQE8fglBy0Ty5RZE55oRAipXAKC1t1o3SYlM6fguqfBhcq4kMaMGPQCgk3ql > > > > HBE9vmqKx1OkROPfcRKuqvQ= > > > > =jwVO > > > > -----END PGP SIGNATURE----- > > > > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > with "unsubscribe freebsd-questions" in the body of the message > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > with "unsubscribe freebsd-questions" in the body of the message > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-questions" in the body of the message > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > Never eat more than you can lift. Miss Piggy -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE8f+iny0Ty5RZE55oRAu+oAJ9og8b4p0X+F5E3d6zZtdwAjdGssACeIb1a B+ayLfRP+7Fw0bYYd/ATF6Q= =wrdi -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message