Trustix IPTABLES Newbie/manual ssh configuration
location: linuxquestions.com - date: September 2, 2005
I'm new to IPTABLES and Trustix. I've always used applications like Guarddog to create firewall rules. Now I'm looking at securing my Trustix server, which doesn't have a Window Manager... to run an application like Guarddog.
I was wondering if any kind soul has an IPTABLES script that allows samba and ssh on the LOCAL interface, and of course http for security updates. Also, I have no idea where to put the files and scripts so they'll run at start-up.
I'm also having problems manually configuring ssh, I've searched Google but can't seem to find what I'm looking for. Can someone help me please!
ssh configuration problem
location: ubuntuforums.com - date: January 10, 2012
Hi everybody, I have same problems with ssh on my server...
I cannot start the ssh service, in fact if I run services --status-all I receive [ - ] ssh
If I run /etc/init.d/ssh start (or restart) I don't get any message and I don't know where to look to debug the problem, any suggestion?
I couldn't try the re-install of openssh and I hope you can help me find the configuration problem!
These are the messages I receive if I run the command: ssh -v localhost
Code:
debug:SshAppCommon/sshappcommon.c:154/ssh_app_get_global_regex_context: Allocating global SshRegex context.
debug: SshConfig/sshconfig.c:2184/ssh2_parse_config: Unable to open /root/.ssh2/ssh2_config
debug: Connecting to localhost, port 22...
debug: Ssh2/ssh2.c:1956/main: Entering event loop.
ssh: FATAL: Connecting to localhost failed: Connection Refused
These are the messages I receive if I run the command: /usr/bin/ssh -v localhost
Code:
OpenSSH_5.1p1 Debian-6ubuntu2, OpenSSL 0.9.8g 19 Oct 2007
debug1: Rea
iptables and ssh
location: ubuntuforums.com - date: October 1, 2009
I'm having issues getting iptables to allow an inbound connection for ssh. I have port forwarding enabled on my router, and can access the machine via ssh when iptables is stopped.
The rule I used to allow the connection is:
Code:
iptables -A open -p tcp --dport 26 -j ACCEPT
I have sshd set up to use port 26 rather than port 22. Even in a local network setting, I cannot get a connection.
My /etc/ssh/ssh_config is as follows:
Code:
# $OpenBSD: ssh_config,v 1.25 2009/02/17 01:28:32 djm Exp $
# This is the ssh client system-wide configuration file. See
# ssh_config(5) for more information. This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.
# Configuration data is parsed as follows:
# 1. command line options
# 2. user-specific file
# 3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# confi
ssh configuration file
location: linuxquestions.com - date: January 5, 2007
I am sure this has been asked before, but I don't know how to phrase it to search correctly.
I ssh to a server and do some port forwarding. It's a long command line string that I either need to type or copy and paste from history.
Can't I create a file that contains this information and then just issue "ssh myserver" and have it look in that file for the specific port to forward and other parameters?
I even have an old example but don't know where to put it or the file name
host myserver
IdentityFile ~/.ssh/id_rsa_ssgi
User thisisme
LocalForward 5920 localhost:5920
LocalForward 5901 localhost:5901
Thanks.
ssh Configuration file does not specify default realm
location: linuxquestions.com - date: May 22, 2008
Hi,
I have just discovered a strange SSH problem on my home server. When I try to ssh into the server I get the following error message:
Code:
OpenVPN, iptables, and ssh hangs
location: linuxquestions.com - date: October 29, 2008
I have the following setup:
Server A: main server - ssh connections initiated from here
Server B: intermediary - iptables masquerades for Server A
Server C: this is the server I connect to via ssh
Servers A and B are connected via an OpenVPN link. I have a route to the IP of Server C configured on Server A, with a gateway of Server B's tun0 interface IP.
On Server B, I use iptables to masquerade - the originating IP cannot be routed within this network.
This setup works fine in one of my other networks. For some reason, ssh hangs randomly in my problem network.
If I ssh from Server A to Server B, and then ssh from Server B to Server C I have no problems. Only when I route/masquerade with iptables do I see the problem.
Server B is RHEL 4, with a 2.6.9 kernel. OpenVPN is 2.0.9 on both Server A and Server B.
It should be noted that Server B is a virtual server in VMWare. It does not have a real NIC, could this possibly be an issue?
Thanks in advance for any insig
router iptables refuses ssh connection
location: ubuntuforums.com - date: August 26, 2012
Hey,
I'm currently updating my router and there seems to be a problem with the iptables rules.
Current config:
DSL Modem -> Lan1 ->Router -> Lan2
When I try to connect from Lan2 to the Router everything's fine but if I try to connect from Lan1 to the router I get:
Code:
ssh: connect to host 192.168.0.15 port 22: No route to host
but I can ping the router from Lan1 and everything's fine from Lan2.
Script:
Code:
# External (Internet-facing) interface
EXTIF="eth0"
# External IP address (automatically detected)
EXTIP=$(/sbin/ip addr show dev "$EXTIF" | perl -lne 'if(/inet (\S+)/){print$1;last}');
# Internal interface
INTIF="br0"
# Internal IP address (in CIDR notation)
INTIP="192.168.1.1/32"
# Internal network address (in CIDR notation)
INTNET="192.168.1.0/24"
# The address of anything/everything (in CIDR notation)
UNIVERSE="0.0.0.0/0"
echo "External: [Interface=$EXTIF] [IP=$EXTIP]"
echo "Internal: [Interface=$INTIF] [IP=$INTIP]
Port Forwarding with iptables or ssh
location: linuxquestions.com - date: July 6, 2008
Hi,
I need to access a server on a remote site from a Windows workstation via ADSL/NAT port forwarding. The server is running an OS called THEOS and I have just found out from the suppliers that the particular version of THEOS that's running will not accept a workstation connection from an IP-based client that's off the local network. I do have access to a PC on site via an RDP session but this means 'taking over' a user's PC.
One option would be a bridge/vpn to the network but I have also been reading about using iptables to do local port forwarding - there's a Linux server on site so maybe I could bounce a connection through it? THEOS Workstation needs to use UDP port 3256.
A couple of issues for which I'd appreciate some input:
iptables is not currently running on the remote linux server and I am concerned that if I turn it on I will chop off ssh access (on port 8429) and then need to make a trip to site (4 hour round trip) to fix the problem because the Linux server is
SSH configuration in Fedora 9
location: linuxquestions.com - date: October 3, 2009
Dear All,
I'm not successful with SSH configuration in Fedora 9!
Is there anyone who can help me by replying with the steps for SSH in Fedora 9?
Any reply is highly appreciated.
Thanks in advance..
Nabil
iptables: forwarding SSH connection: eth0 to eth1
location: linuxquestions.com - date: January 14, 2005
Hello
I'm trying to forward SSH connections in my LAN from one computer to another using iptables, however, I'm stuck. Yet, I think I'm just about there, if someone could give me a small hand here.
At the moment my internet comes into my flat and is then routed with a linksys router. This has an external IP, and a private one (10.0.0.1). At the moment, my server is set up as a DMZ, and any SSH requests to my flat are sent straight to my server.
Instead, I would like SSH requests to be routed (using iptables) by my server and sent to another computer.
My server has two cards: eth0 10.0.0.2 and eth1 192.168.0.1 . The other computer (call it COMP3) has IP eth0: 192.168.0.1.
At the moment my server and COMP3 can chat to each other (i.e. they can ping one another, and I can SSH in from one to the other).
I would like that, whenever I SSH to my flat the Linksys router sends the request to my server, and then my server says "oh, this is an SSH request, I had better send it