On Thu, May 06, 2010 at 04:48:30PM -0500, Tim Daneliuk wrote:
> On 5/6/2010 4:41 PM, Tim Daneliuk wrote:
> > On 5/6/2010 4:35 PM, Gary Kline wrote:
> >> On Thu, May 06, 2010 at 12:32:18PM -0500, Tim Daneliuk wrote:
> >>> On 5/6/2010 12:21 PM, Gary Kline wrote:
> >>>>
> >>>> can anybody help me with ne of my last problems: getting ssh Into
> >>>> my new comuter? i am able to ssh outside. need to scp my config
> >>>> files over.
> >>>>
> >>>> sshd is running on "zen"
> >>>>
> >>>>
> >>>
> >>> This generally involves two or three steps:
> >>>
> >>> 1) Make sure /etc/rc.conf has this in it:
> >>>
> >>> sshd_enable="YES"
> >>
> >> Yes; this was my first try. no diff.
> >>>
> >>> 2) Make sure /etc/hosts.allow permits access
> >>> to your machine via ssh. Something like this:
> >>>
> >>> sshd: 192.168. a_host-name.com an.ip.add.ress :ALLOW
> >>>
> >>> Some people do this:
> >>>
> >>> sshd: ALL :ALLOW
> >>>
> >>> That's fine if the machine sits on a trusted LAN, but I don't
> >>> much like this for machines that are internet-facing ... it
> >>> just provides another vector for attack. So, for such machines,
> >>> I explicitly name the address and names that are permitted ssh access.
> >>
> >> ok. itried this; have not rebooted yet. no difference right
> >> now.
> >>
> >>>
> >>> 3) If you're running a firewall, make sure that the sshd ports
> >>> (22/tcp and 22/udp) are open for those machines/addresses
> >>> you want to connect into your FreeBSD box.
> >>>
> >>
> >>
> >> i'm runnning a pfSense computer; pretty sure that things are
> >> sett correctly there.
> >>
> >>>
> >>> If you are still having trouble, go to the client machine
> >>> and invoke your session like this:
> >>>
> >>> ssh -vvvvv your_freebsd_machine
> >>>
> >>
> >> the files in /etc/ssh were the first thing i thought of
> >> editing. didn't see many differences between rel 8.0 and my
> >> current 7.3. still, here is the verbose output.
> >>
> >>
> >> pl 14:20 <tao> [5036] ssh zen
> >> ssh: connect to host zen port 22: Connection refused
> >> pl 14:20 <tao> [5037] ssh -vvvv zen
> >> OpenSSH_5.1p1 FreeBSD-20080901, OpenSSL 0.9.8e 23 Feb 2007
> >> debug1: Reading configuration data /etc/ssh/ssh_config
> >> debug2: ssh_connect: needpriv 0
> >> debug1: Connecting to zen [10.47.0.190] port 22.
> >> debug1: connect to address 10.47.0.190 port 22: Connection
> >> refused
> >> ssh: connect to host zen port 22: Connection refused
> >> pl 14:22 <tao> [5038]
> >>
> >> any idea what the ``needpriv 0'' means?
> >>
> >>
> >>
> >
> >
> > What's in your /etc/hosts.allow file?
> >
>
>
> Oh ... one other thing ... make sure sshd is actually running.
> If you changed the /etc/rc.conf enable line without either rebooting
> or doing a kill -HUP 1, you may not have a running daemon.
>
i'm like 9.99-bar % sure sshd is up; i did ti the long way by
sh /etc/rc.d/ssh restart
and so it has to have exec. i just poked around on google
and there is some noise about ssh failing from outside.
i'm downloading a cd of 8.0 (i386)! of the Real-Thing: freebsd.
it should be about an hour. the main//only reason i messed
with linux was that for reasons unknown [completely], FBSD
messed up on streams. but in just the past several weeks i'm
able to play audio and video streams here on my old '03 Dell.
i've got 7.3 here, but using firefox3: yes. i use konqueror
because it has text/speech builtin. on the kde4, i see that
konq4 seems ready to play streams. nutshell, no more going
to/fro.
>
> --
> ----------------------------------------------------------------------------
> Tim Daneliuk tundra at tundraware.com
> PGP Key: http://www.tundraware.com/PGP/
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
--
Gary Kline kline at thought.org http://www.thought.org Public Service Unix
The 7.83a release of Jottings: http://jottings.thought.org/index.php
http://journey.thought.org 99 44/100% Guaranteed Novel