Ssh connection

Rob spamrefuse at yahoo.com
Sun Sep 19 14:30:08 PDT 2004 

Pota Kalima wrote:
> On 19/9/04 6:24 pm, "Kevin Stevens" <freebsd at pursued-with.net> wrote:
> 
> 
>>On Sep 19, 2004, at 10:17, Pota Kalima wrote:
>>
>>
>>>On 19/9/04 5:56 pm, "Kevin Stevens" <freebsd at pursued-with.net> wrote:
>>>
>>>>What happens if you try to ssh to the machine from itself?
>>>>
>>>>KeS
>>>>
>>>
>>>Tried to ssh to machine itself and got the following:
>>>
>>>$ Ssh 192.168.0.5
>>>The authenticity of host '192.168.0.5 (192.168.0.5)' can't be
>>>established.
>>>DSA key fingerprint is 42:98:e3:11:
>>>Are you sure you want to continue connecting (yes/no)? Yes
>>>Warning: Permanently added '192.168.0.5' (DSA) to the list of known
>>>hosts.
>>>
>>>[There was a prolonged pause here, I almost rebooted the machine]
>>>
>>>Sep 19 18:10:00 localhost sshd[581]: fatal: Timeout before
>>>authentification
>>>for 192.168.0.5
>>>Connection closed by 192.168.0.5
>>
>>Well, there you go.  Better get it working locally before worrying
>>about connecting from other machines - at least it's easier to
>>troubleshoot that way.  You can start adding -v's to your session
>>command to get more details.
>>
>>KeS
>>
> 
> 
> Well, here goes,
> 
> $ ssh -v 192.168.0.5
> [Rapid scroll of screen load of stuff, and then ...from about half-way down
> the screen]
> ...
> debug1: Host '192.168.0.5' is known and matches the DSA host key.
> debug1: Found key in /home/pota/.ssh/known_hosts:3
> debug1: ssh_dss_verify: signature correct
> debug1: SSH2_MSG_NEWKEYS sent
> debug1: expecting SSH2_MSG_NEWKEYS
> debug1: SSH2_MSG_NEWKEYS received
> debug1: SSH2_MSG_SERVICE_REQUEST sent
> debug1: SSH2_MSG_SERVICE_ACCEPT received
> Sep 19 18:29:09 localhost sshd[627]: fatal: Timeout before authentification
> for 192.168.0.5
> Connection closed by 192.168.0.5
> debug1: Calling cleanup 0x804c7a4(0x0)
> 

What is there in /var/log/messages about refused sshd connections?

How are you allowing sshd connection in /etc/hosts.allow ?
If you have made /etc/hosts.allow restrictive, then be sure
there's a line like:
    sshd : ALL : allow
or replace 'ALL' by those you want to access your machine by sshd.

Rob.

More information about the freebsd-questions mailing list