[nmglug] SSH problem
Todd Richardson
trichardson at cvecoop.org
Tue Mar 25 07:01:58 PDT 2008
Ahh... I thought my network senses were tingling with this one.
Packets get in, but they can't get out!
Thanks for keeping us up to date.
-Todd Richardson
On Mon, 2008-03-24 at 15:28 -0600, Bill York wrote:
> well damn. never forget your lower layers, boys and girls.
>
> like the clever admin i am, i put this host on a more secure subnet
> that does not have Internet access. but to do my 'yum update' i needed
> access. so -- hey! i'll just configure the secondary interface for
> Internet access and plug 'er in. What else do I need?
>
> A default gateway. New gateway overrides old gateway. old network no
> work no more.
>
> sorry, everyone.
>
> On Sat, Mar 22, 2008 at 3:39 PM, Bill York <iago at pobox.com> wrote:
> :)
>
> update: there are no entries in either the allow or deny
> files. I'll post the result of the tcpdump on monday.
>
> thanks!
>
>
>
> On Sat, Mar 22, 2008 at 2:57 PM, Sam Noble
> <sam at thepromisedlan.org> wrote:
>
> On Fri, 2008-03-21 at 12:15 -0600, Bill York wrote:
> > i'll look into it - first thing monday. i'm a state
> employee and i got
> > admin time to burn.
>
>
> Viva state employment.
>
> FYI Bill, sshd in Red Hat _does_ use the hosts.allow
> hosts.deny files,
> even though it doesn't use tcpd. Apparently if you
> need to set up
> hosts.allow/deny for your inetd stuff, the only way to
> make ssh ignore
> it is to recompile without libwrap.
>
>
> _______________________________________________
> nmglug mailing list
> nmglug at nmglug.org
> https://nmglug.org/mailman/listinfo/nmglug
>
>
>
>
> _______________________________________________
> nmglug mailing list
> nmglug at nmglug.org
> https://nmglug.org/mailman/listinfo/nmglug
More information about the nmglug
mailing list