NEW: cannot ssh to my computer
Ivan Georgiev
georgiev at vt.edu
Mon Nov 22 13:26:18 PST 2004
On Monday 22 November 2004 02:59 pm, Shantanoo Mahajan wrote:
> +++ Ivan Georgiev [freebsd] [22-11-04 07:41 -0500]:
> | On Monday 22 November 2004 06:39 am, Dick Davies wrote:
> | > * Panagiotis Christias <christias at gmail.com> [1116 09:16]:
> | > > On Mon, 22 Nov 2004 00:05:33 -0500, Ivan Georgiev <georgiev at vt.edu>
wrote:
> | > > > Just another thing ...
> | > > >
> | > > > If I remove myself from the group wheel then I CAN ssh to my
> | > > > computer; if I put myself back to wheel - then CANNOT ssh to the
> | > > > computer.
> | > > >
> | > > > How can I ssh and be a member of the wheel group?
> | > >
> | > > In that case, maybe "PermitRootLogin yes" in /etc/ssh/sshd_config and
> | > > restarting sshd would help.
> | >
> | > That setting shouldn't affect wheel logins.
> |
> | Changing PermitRootLogin to "yes" didn't do it ....
>
> what's in /etc/hosts.allow?
Whatever is in the default 5-3-RELEASE installation. I haven't touched that :
ALL : ALL : allow
#sshd : .evil.cracker.example.com : deny
ALL : PARANOID : RFC931 20 : deny
ALL : localhost 127.0.0.1 [::1] : allow
ALL : my.machine.example.com 192.0.2.35 : allow
ALL : [fe80::%fxp0]/10 : allow
ALL : [fe80::]/10 : deny
ALL : [2001:db8:2:1:2:3:4:3fe1] : deny
ALL : [2001:db8:2:1::]/64 : allow
sendmail : localhost : allow
sendmail : .nice.guy.example.com : allow
sendmail : .evil.cracker.example.com : deny
sendmail : ALL : allow
exim : localhost : allow
exim : .nice.guy.example.com : allow
exim : .evil.cracker.example.com : deny
exim : ALL : allow
rpcbind : 192.0.2.32/255.255.255.224 : allow
rpcbind : 192.0.2.96/255.255.255.224 : allow
rpcbind : ALL : deny
ypserv : localhost : allow
ypserv : .unsafe.my.net.example.com : deny
ypserv : .my.net.example.com : allow
ypserv : ALL : deny
ftpd : localhost : allow
ftpd : .nice.guy.example.com : allow
ftpd : .evil.cracker.example.com : deny
ftpd : ALL : allow
fingerd : ALL \
: spawn (echo Finger. | \
/usr/bin/mail -s "tcpd\: %u@%h[%a] fingered me!" root) & \
: deny
ALL : ALL \
: severity auth.info \
: twist /bin/echo "You are not welcome to use %d from %h."
More information about the freebsd-questions
mailing list