From owner-freebsd-questions@FreeBSD.ORG Wed Feb 20 14:19:03 2013 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 061F3708 for ; Wed, 20 Feb 2013 14:19:03 +0000 (UTC) (envelope-from ml@my.gd) Received: from mail-wi0-f175.google.com (mail-wi0-f175.google.com [209.85.212.175]) by mx1.freebsd.org (Postfix) with ESMTP id 987AF735 for ; Wed, 20 Feb 2013 14:19:02 +0000 (UTC) Received: by mail-wi0-f175.google.com with SMTP id l13so6229157wie.14 for ; Wed, 20 Feb 2013 06:18:56 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:content-type:mime-version:subject:from:in-reply-to:date :cc:content-transfer-encoding:message-id:references:to:x-mailer :x-gm-message-state; bh=24BTvO94gqxSb78+K0N1XSAgfjBviTmHzEHHXkjz/NY=; b=KDVJp6cVv6QmNnbxiV3xM6kHOdcl/CcwBhyOIiAjC5xqOpAm4kZ1S7OkHQ8wfoLS4k vjZ/09nJ/EpcPssQfV99Cc3v8SPsHPExzm4ed9vPBEvWCcgXUKYDPxM3UT68Bf3oi1OU 4wXhytHuR3tlu70m9mRVnL/+sEguumoKzvrpmSabL2mpGU7Fhjo9EStckiV69kdm31qm njzlc6H5P6hkRepcRJAjtznRceQpBnVmNIwIUILGcz8au1zftcBnUWfQoGpEoiNoOnAw aGV2sJ7qS1AJiTkpldW4okroTE9vV/wmJv20RtmhrFA8gSCXRC7e60l8ffS1dKFQ9Ofz Sy7Q== X-Received: by 10.194.86.38 with SMTP id m6mr34258080wjz.13.1361369931541; Wed, 20 Feb 2013 06:18:51 -0800 (PST) Received: from dfleuriot-at-hi-media.com ([83.167.62.196]) by mx.google.com with ESMTPS id fx5sm34165058wib.11.2013.02.20.06.18.48 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Wed, 20 Feb 2013 06:18:49 -0800 (PST) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 6.2 \(1499\)) Subject: Re: cannot ssh into a box with DHCP assigned IP address From: Fleuriot Damien In-Reply-To: <201302201355.r1KDt8Lt063091@mech-cluster241.men.bris.ac.uk> Date: Wed, 20 Feb 2013 15:18:47 +0100 Content-Transfer-Encoding: quoted-printable Message-Id: <685C610D-D19A-46FE-851F-3A00EACF3AE3@my.gd> References: <201302201355.r1KDt8Lt063091@mech-cluster241.men.bris.ac.uk> To: mexas@bristol.ac.uk X-Mailer: Apple Mail (2.1499) X-Gm-Message-State: ALoCoQnoOY18NJcsONOvQlMi7bH8LsFn9jczmfs4fELQPQVUHpmmWFFXga46C2kwlZHgZURA+ZPV Cc: feenberg@nber.org, freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Feb 2013 14:19:03 -0000 On Feb 20, 2013, at 2:55 PM, Anton Shterenlikht = wrote: > =46rom feenberg@nber.org Wed Feb 20 13:39:28 2013 >=20 > > From: Fleuriot Damien > > To: mexas@bristol.ac.uk > > Subject: Re: cannot ssh into a box with DHCP assigned IP = address > > Date: Wed, 20 Feb 2013 10:31:22 +0100 > > Cc: freebsd-questions@freebsd.org > > > > On Feb 20, 2013, at 10:28 AM, Anton Shterenlikht = wrote: > > > > > I have a laptop with FreeBSD -current, > > > with ip address assigned via DHCP. > > > The laptop has neither a static ip address, > > > nor a domain. > > > > > > I can ping the laptop fine, but cannot > > > ssh into it. The sshd is running, /etc/ssh/ssd_config > > > seems fine, /etc/hosts.allow is fine. > > > However, /etc/hosts is just the default: >=20 > While on the problem machine, can you ssh to localhost? ssh to = the IP=20 > address? >=20 > yes to both >=20 > I would suspect the problem is in /etc/hosts.allow > or /etc/hosts.deny, >=20 > The first non-comment line in /etc/hosts.allow is > ALL : ALL : allow >=20 > and I don't have /etc/hosts.deny: >=20 > root@zzz:~ # ls /etc/hosts* > /etc/hosts /etc/hosts.equiv > /etc/hosts.allow /etc/hosts.lpd > root@zzz:~ # >=20 > or perhaps the subnet mask is incorrect. >=20 > Well.. what should it be? > I have on the problem box (ssh server): >=20 > wlan0: flags=3D8943 = metric 0 mtu 1 > 500 > ether 00:21:5c:50:68:c3 > inet 172.21.220.12 netmask 0xfffffc00 broadcast 255.255.255.255 > nd6 options=3D29 > media: IEEE 802.11 Wireless Ethernet OFDM/54Mbps mode 11g > status: associated > ssid eduroam channel 1 (2412 MHz 11g) bssid 00:3a:98:62:cd:a0 > country US authmode WPA2/802.11i privacy ON deftxkey UNDEF > AES-CCM 2:128-bit AES-CCM 3:128-bit txpower 14 bmiss 10 = scanvalid 450 > bgscan bgscanintvl 300 bgscanidle 250 roam:rssi 7 roam:rate 5 > protmode CTS wme roaming MANUAL >=20 > I'm trying to ssh from 137.222.187.241. >=20 > I wonder, perhaps it somehow built into the > Eduroam wireless, provided by the University, > that the devices connected to it cannot be > accessible. They can only initiate outgoing > connections, but all incoming connections are > somehow blocked? Given that the majority of > the devices will be unsecured MS boxes, maybe > the university thought that this is wise idea > for safety. Perhaps I can investigate this > with my IT guys.=20 >=20 > Or I might be talking complete nonsense here, not my area at all. >=20 > Thanks >=20 > Anton >=20 Any luck with Daniel's suggestion to try it directly on the problematic = host ? ssh 127.0.0.1 ssh localhost ssh 172.21.220.12