Re: fedora core 4 and sshd
Available news archives: comp.lang.tcl - comp.lang.python - comp.security.firewalls - sci.crypt - comp.lang.php - comp.lang.javascript
Google
 
Web news.hping.org


comp.security.firewalls archive

Re: fedora core 4 and sshd

From: Ansgar -59cobalt- Wiechers <usenet-2006@planetcobalt.net>
Date: Thu Feb 09 2006 - 00:04:35 CET



brenda wrote:


> Here is the sshd_config


> #start


> Port 2200


> Protocol 2


> SyslogFacility AUTHPRIV


> #LogLevel INFO


> # Authentication:


> #AllowUsers brenda



*sigh*



Didn't I expressly ask you to remove each line starting with a # (to


keep the quote short)?



> AllowUsers brenda@coffeshopIp



Is "coffeeshopIp" the actual *external* IP address of that coffee shop?



[...]


> [root@fedora brenda]# netstat -nlt


> Active Internet connections (only servers)


> Proto Recv-Q Send-Q Local Address         Foreign Address    State


[...]


> tcp        0      0 :::2200               :::*               LISTEN


[...]


> the 2200 is what i get when I switch it to port 2200.



For some reason your sshd listens only on the IPv6 address. Does the


coffee shop use IPv6? Try adding one of the following lines to your


sshd_config:



  "ListenAddress 192.168.20.x"


  "ListenAddress 0.0.0.0"


  "AddressFamily inet"


  "AddressFamily any"



Does your server actually *have* an IPv4 address? What does "ifconfig"


say?



> For the nat linksys


> the web page has 2200 t0 2200  Ip=192.168.20.X



I don't have experience with IPv6, but your router forwarding to an IPv4


address, whereas the server listens on an IPv6 address, may (or may not)


have something to do with your problem.



BTW, obfuscating private addresses like 192.168.20.x is pretty


pointless.



> I'm confused.  Could it be the pam_abl?



I doubt it.



cu


59cobalt



-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq


Received on Mon May  1 00:49:44 2006