Subject: Re: Problem with remote login - via dynamic DNS - still in trouble
From: Ben Ricker (bricker@us-rx.com)
Date: Thu Feb 15 2001 - 11:10:17 MST
This problem is multi-faceted. Are you running SSH as an inetd service?
Are you wrapping the service in TCPwrappers? If you answered yes to all
of these questions, then you probably have your hosts.allow and
hosts.deny setup incorrectly.
If you run SSH as a deamon, then what user do you start it with? If it
is not started at boot, by root, it cannot bind to ports >1024 (a
security limit at the kernel level; only root can bind to ports >1024).
If you do run SSHD on boot, then check the sshd_config file for any
login and/or host restrictions (if you send them to me privately, I can
see if I see a problem).
Another problem: did you move the sshd file to the /etc/pam.d folder (if
you are using password authentication as well as key certification)? See
the INSTALL readme.
Finally, go to http://sysadmin.oreilly.com/news/sshtips_0101.html for
some good tips and troubleshooting info.
Good Luck!
Ben Ricker
Senior System Administrator
US-Rx, Inc.
>Thanks to Ben for ticking me off about the security issues! I
installed
>ssh. It works fine across my LAN but when I try going via the dynamic
DNS
>route this is what I get ...
>SSH Version OpenSSH_2.3.0p1, protocol versions 1.5/2.0.
>Compiled with SSL (0x0090581f).
>debug: Reading configuration data /etc/ssh/ssh_config
>debug: Seeding random number generator
>debug: ssh_connect: getuid 0 geteuid 0 anon 0
>debug: Connecting to iain.fakeaddress.com [www.xxx.yyy.zzz] port 22.
>debug: Seeding random number generator
>debug: Allocated local port 657.
>debug: connect: Connection refused
>So it looks as though the connection path is broken somehow - any ideas
as
>to what might work?
> Iain
This archive was generated by hypermail 2a24 : Thu Feb 15 2001 - 11:12:56 MST