Date: Sat, 16 Sep 2006 17:50:06 +0900 From: Garrett Cooper <youshi10@u.washington.edu> To: freebsd-questions@freebsd.org Subject: Re: PAY offered - sshd won't allow client from same domain Message-ID: <A27A8BC0-D31D-428E-B917-578A1AA4A3A6@u.washington.edu> In-Reply-To: <B65B3EC5-1D8D-46AB-847F-E31034158868@redstarling.com> References: <B65B3EC5-1D8D-46AB-847F-E31034158868@redstarling.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sep 16, 2006, at 5:46 PM, ke han wrote: > I will PAY someone who can either answer this question or who wants > to log into my server and help me figure it out. I can pay an > hourly rate, make a donation to your favorite project...whatever. > This problem is killing my productivity!!!! > > I have a FreeBSD 6.1-p6 server running as server1.domain.com. > sshd is allowing connections from any client except those which > share the domain.com name..I can't be certain this is the problem, > but after a month of debugging, its the only common factor I can > find. My ssh client on server2.domain.com (also FreeBSD 6.1) > returns with "Read from socket failed: Connection reset by peer" as > output to my ssh client. On OS X the error message is "Write > failed: Broken pipe". > ...So mac.domain.com and server2.domain.com which are on different > networks from server1 (and from each other) are not allowed...I > don't get any useful error messages. Even setting sshd_config > LogLevel to DEBUG3 doesn't provide anything meaningful (to me) in > auth.log or debug.log > for server2.domain.com, I even have its ip as an A record in DNS > and server1 can see this. mac.domain.com is not so lucky as it > sits behind a DHCP NAT'ed structure. But this should hardly be a > problem...PuTTY on Windows XP with no domain setting and behind a > NAT'd DHCP structure CAN connect... > > Please allow me to offer some incentive this time around as this is > my third post on this problem to this maillist. I have not > received a single reply. > > Please get in touch. > thanks ke han Do you have kerberos compiled and in use for authentication on the FreeBSD server and are you using it on the OSX client? ssh -vv server1.domain.com says? -Garrett
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?A27A8BC0-D31D-428E-B917-578A1AA4A3A6>