Help With SSH

jdklusman
post Mar 3 2004, 12:20 AM
Post #1

What's this Lie-nix Thing?
*

Group: Members
Posts: 7
Joined: 19-June 03
Member No.: 986

Okies, I was trying to set up an SSH server on my Linux box. I had it working on the last install, just the way I liked it. I would initiate a connection with PuTTY from my Windows machine, a screen would pop up saying "blah blah key retrieved blah blah" and every time after that I was able to just log in like a telnet session.
Well, I was hacked into about a week ago. I have spent this week going over my security setup, and decided it needed some major work. I overhauled it and, using Shorewall, I set every connection in the policy to drop (loc, net, fw) and for all to all to reject. I then set some rules up for each IP in my rules for each port I wanted them to use. I set my Windows machine's access to the SSH server on the Linux box using this:

ACCEPT loc:192.168.0.2 fw tcp 22
ACCEPT loc:192.168.0.2 fw udp 22

I opened a log monitor and watched the messages come in when I was trying to connect with PuTTY. Normally I get a lot of messages from dropped hits on my WAN NIC, but I never saw a single drop or reject from Shorewall on the connection attempts. This led me to believe that Shorewall wasn't my problem. PuTTY never pops up the key accept window like it did with the old setup; instead it sits there and pops up a "connection refused", and then in the message log I am monitoring I see sshd: refused 192.168.0.2
I have a feeling it has something to do with the keys, but I don't know what. I followed each guide on the web with no luck. I su to root and then change to the /etc directory and issue ssh-keygen -b 1024 -t (rsa1, rsa, dsa... I do them all) -f /etc/ssh_host_key -N "". I have mixed and matched using a little from each guide and following each guide completely with no luck. When I connect on the Linux box to test it I can't connect on the LAN NIC's IP, but I can on the loopback. I changed the listening address in the config to the LAN NIC's IP, still no luck. I'm wondering if I should format and start with a clean slate.
Sorry if this is disjointed and hard to understand; I've been hammering on this all night, real tired, and the Percocet is kicking in... yay for that, but it also means I'm done for the night lol.
hughesjr
post Mar 3 2004, 08:13 AM
Post #2

It's GNU/Linuxhelp.net
*******

Group: Admin
Posts: 3,433
Joined: 25-July 03
From: Corpus Christi, TX, USA
Member No.: 1,151

I know this is obvious ... but, did you try:

/etc/init.d/sshd start


--------------------
Johnny Hughes
hughesjr@linuxhelp.net
Enterprise Alternatives: CentOS, WhiteBoxEL
Favorite Workstation Distros (in order): CentOS, Gentoo, Debian Sarge, Ubuntu, Mandrake, FedoraCore, Slackware, SUSE
Favorite Server Distros (in order): CentOS, WhiteBoxEL, Debian Sarge, Slackware, Mandrake, FedoraCore, Gentoo, SUSE
jdklusman
post Mar 4 2004, 12:40 AM
Post #3

What's this Lie-nix Thing?
*

Group: Members
Posts: 7
Joined: 19-June 03
Member No.: 986

Percocet is fun, but not that fun. sshd was running. I did fix my prob. tho. Just in case anybody else is having problems with Mandrake and services behind Shorewall (iptables), check your hosts.deny for an entry ALL : ALL. It will more than likely be there; go into the hosts.allow and put in the xinetd name of the service you are trying to gain access to.
In my case I had to add

sshd : ALL

After doing this and seeing that it fixed my problem, I narrowed down who could hit this service (even tho the firewall should stop all but the 1 IP I set in the rules). I changed the entry to

sshd : 192.168.0.3

Only that IP can access sshd. If you wanted to allow a certain number of computers, say your entire LAN but not anyone with a public IP, you could use

sshd : 192.168.0.0/24

I didn't do this because I'm extremely paranoid and it is possible for a hacker to spoof a private IP, but the chances of it happening are slim to none.
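As an added illustration (not code from the original thread or from the tcp_wrappers project), the Python script below models the hosts.allow / hosts.deny evaluation order that the fix above relies on: hosts.allow is consulted first and a match grants access, hosts.deny is consulted next and a match refuses it, and anything unmatched by both files is allowed. It implements only a subset of the real tcpd pattern syntax (ALL, exact address, dotted prefix such as 192.168.0., net/mask and CIDR forms; no EXCEPT operator, hostnames or options), and the sample file contents are constructed to mirror the post's final configuration, so you can see why the stock ALL : ALL entry refused the PuTTY connection and what each of the three hosts.allow entries in the post lets through.

```python
import ipaddress
from typing import List, Tuple

Rule = Tuple[List[str], List[str]]  # (daemon patterns, client patterns)

# Constructed sample files, mirroring the post's final configuration.
HOSTS_ALLOW = """
# /etc/hosts.allow (constructed sample)
sshd : 192.168.0.3
"""

HOSTS_DENY = """
# /etc/hosts.deny (constructed sample; the catch-all entry the post describes)
ALL : ALL
"""


def parse_rules(text: str) -> List[Rule]:
    """Parse 'daemon_list : client_list [: options]' lines; blanks and comments are skipped."""
    rules: List[Rule] = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = [f.strip() for f in line.split(":")]
        if len(fields) < 2 or not fields[0] or not fields[1]:
            raise ValueError(f"malformed rule: {raw!r}")
        rules.append((fields[0].split(), fields[1].split()))
    return rules


def client_matches(pattern: str, client_ip: str) -> bool:
    """Subset of tcpd client patterns: ALL, exact address, dotted prefix, net/mask, CIDR."""
    addr = ipaddress.ip_address(client_ip)
    if pattern == "ALL":
        return True
    if pattern.endswith("."):           # "192.168.0." matches the whole /24 by string prefix
        return client_ip.startswith(pattern)
    if "/" in pattern:                   # "192.168.0.0/255.255.255.0" or "192.168.0.0/24"
        return addr in ipaddress.ip_network(pattern, strict=False)
    return addr == ipaddress.ip_address(pattern)


def rule_matches(rule: Rule, daemon: str, client_ip: str) -> bool:
    """A rule matches when both a daemon pattern and a client pattern match."""
    daemons, clients = rule
    daemon_ok = any(d in ("ALL", daemon) for d in daemons)
    client_ok = any(client_matches(c, client_ip) for c in clients)
    return daemon_ok and client_ok


def access_allowed(daemon: str, client_ip: str, allow_text: str, deny_text: str) -> bool:
    """tcpd order: hosts.allow first (match => allow), then hosts.deny (match => deny), else allow."""
    if any(rule_matches(r, daemon, client_ip) for r in parse_rules(allow_text)):
        return True
    if any(rule_matches(r, daemon, client_ip) for r in parse_rules(deny_text)):
        return False
    return True


if __name__ == "__main__":
    # Before the fix: empty hosts.allow plus ALL : ALL in hosts.deny refuses the Windows box.
    print("before fix, 192.168.0.2:", access_allowed("sshd", "192.168.0.2", "", HOSTS_DENY))
    # After adding 'sshd : 192.168.0.3' only that host gets through.
    for ip in ("192.168.0.3", "192.168.0.2"):
        print("single-host rule,", ip + ":", access_allowed("sshd", ip, HOSTS_ALLOW, HOSTS_DENY))
    # The subnet form the post mentions: the whole LAN is allowed, a public address is still refused.
    lan_rule = "sshd : 192.168.0.0/24"
    for ip in ("192.168.0.77", "203.0.113.5"):
        print("subnet rule,", ip + ":", access_allowed("sshd", ip, lan_rule, HOSTS_DENY))
```

Because hosts.deny is only reached when nothing in hosts.allow matched, a catch-all ALL : ALL there is safe to keep as the default; the hosts.allow entry is what carves out the exception, and scoping it to a daemon name and a client address keeps the exception as narrow as the firewall rule in front of it.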
hughesjr
post Mar 4 2004, 07:25 AM
Post #4

It's GNU/Linuxhelp.net
*******

Group: Admin
Posts: 3,433
Joined: 25-July 03
From: Corpus Christi, TX, USA
Member No.: 1,151

Hey, I didn't want to ask about sshd ... but you want to start with the easy stuff first.

Shorewall is a good product, but the IP MASQ HOWTO's script is also good ... just info for the future.