SSH

[Ken Ebling]

On Jul 13, 2005, at 6:50 AM, Andrew Budiwaluyo wrote:

> I can ssh (and access http) to my server from the
> internet, but not from my internal network.
>
> if i turn off the firewall it still won't work so i
> think it's no from ipf.rules.
>
> Help!
>
> If I ssh from an internal machine, I get the login
> prompt, but after typing a username, I am never asked
> for a password...


I have this problem every now and then when I setup a machine on my  
local 192.168.0.0/24 network.  There are a few ways to solve this.

1)  modify /etc/ssh/sshd_config and change "#UsePrivilegeSeparation  
yes" to "UsePrivilegeSeparation no" and kill and restart sshd
2)  modify /etc/hosts and list the ip addresses of the machines  
you'll be connecting from

The problem is that with privilege separation enabled, sometimes the  
sshd daemon tries to lookup the hostname of the computer you're  
connecting from, and it can't, so it hangs and times out.  I usually  
try #2 first, and if that doesn't work, I'll disable privilege  
separation, which always fixes the problem.

Thanks,

Ken Ebling