From owner-freebsd-questions@FreeBSD.ORG Wed Feb 20 13:55:11 2013 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 49603CB6 for ; Wed, 20 Feb 2013 13:55:11 +0000 (UTC) (envelope-from mexas@bristol.ac.uk) Received: from dirg.bris.ac.uk (dirg.bris.ac.uk [137.222.10.102]) by mx1.freebsd.org (Postfix) with ESMTP id 0F78E35D for ; Wed, 20 Feb 2013 13:55:10 +0000 (UTC) Received: from ncsc.bris.ac.uk ([137.222.10.41]) by dirg.bris.ac.uk with esmtp (Exim 4.72) (envelope-from ) id 1U8A8b-000521-VU; Wed, 20 Feb 2013 13:55:10 +0000 Received: from mech-cluster241.men.bris.ac.uk ([137.222.187.241]) by ncsc.bris.ac.uk with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.72) (envelope-from ) id 1U8A8b-0003Zm-8E; Wed, 20 Feb 2013 13:55:09 +0000 Received: from mech-cluster241.men.bris.ac.uk (localhost [127.0.0.1]) by mech-cluster241.men.bris.ac.uk (8.14.6/8.14.6) with ESMTP id r1KDt8ft063092; Wed, 20 Feb 2013 13:55:08 GMT (envelope-from mexas@mech-cluster241.men.bris.ac.uk) Received: (from mexas@localhost) by mech-cluster241.men.bris.ac.uk (8.14.6/8.14.6/Submit) id r1KDt8Lt063091; Wed, 20 Feb 2013 13:55:08 GMT (envelope-from mexas) Date: Wed, 20 Feb 2013 13:55:08 GMT From: Anton Shterenlikht Message-Id: <201302201355.r1KDt8Lt063091@mech-cluster241.men.bris.ac.uk> To: feenberg@nber.org, mexas@bristol.ac.uk Subject: Re: cannot ssh into a box with DHCP assigned IP address In-Reply-To: Cc: ml@my.gd, freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: mexas@bristol.ac.uk List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Feb 2013 13:55:11 -0000 From feenberg@nber.org Wed Feb 20 13:39:28 2013 > From: Fleuriot Damien > To: mexas@bristol.ac.uk > Subject: Re: cannot ssh into a box with DHCP assigned IP address > Date: Wed, 20 Feb 2013 10:31:22 +0100 > Cc: freebsd-questions@freebsd.org > > On Feb 20, 2013, at 10:28 AM, Anton Shterenlikht wrote: > > > I have a laptop with FreeBSD -current, > > with ip address assigned via DHCP. > > The laptop has neither a static ip address, > > nor a domain. > > > > I can ping the laptop fine, but cannot > > ssh into it. The sshd is running, /etc/ssh/ssd_config > > seems fine, /etc/hosts.allow is fine. > > However, /etc/hosts is just the default: While on the problem machine, can you ssh to localhost? ssh to the IP address? yes to both I would suspect the problem is in /etc/hosts.allow or /etc/hosts.deny, The first non-comment line in /etc/hosts.allow is ALL : ALL : allow and I don't have /etc/hosts.deny: root@zzz:~ # ls /etc/hosts* /etc/hosts /etc/hosts.equiv /etc/hosts.allow /etc/hosts.lpd root@zzz:~ # or perhaps the subnet mask is incorrect. Well.. what should it be? I have on the problem box (ssh server): wlan0: flags=8943 metric 0 mtu 1 500 ether 00:21:5c:50:68:c3 inet 172.21.220.12 netmask 0xfffffc00 broadcast 255.255.255.255 nd6 options=29 media: IEEE 802.11 Wireless Ethernet OFDM/54Mbps mode 11g status: associated ssid eduroam channel 1 (2412 MHz 11g) bssid 00:3a:98:62:cd:a0 country US authmode WPA2/802.11i privacy ON deftxkey UNDEF AES-CCM 2:128-bit AES-CCM 3:128-bit txpower 14 bmiss 10 scanvalid 450 bgscan bgscanintvl 300 bgscanidle 250 roam:rssi 7 roam:rate 5 protmode CTS wme roaming MANUAL I'm trying to ssh from 137.222.187.241. I wonder, perhaps it somehow built into the Eduroam wireless, provided by the University, that the devices connected to it cannot be accessible. They can only initiate outgoing connections, but all incoming connections are somehow blocked? Given that the majority of the devices will be unsecured MS boxes, maybe the university thought that this is wise idea for safety. Perhaps I can investigate this with my IT guys. Or I might be talking complete nonsense here, not my area at all. Thanks Anton