cannot ssh into a box with DHCP assigned IP address
mexas at bristol.ac.uk
Wed Feb 20 13:55:11 UTC 2013
From feenberg at nber.org Wed Feb 20 13:39:28 2013
> From: Fleuriot Damien <ml at my.gd>
> To: mexas at bristol.ac.uk
> Subject: Re: cannot ssh into a box with DHCP assigned IP address
> Date: Wed, 20 Feb 2013 10:31:22 +0100
> Cc: freebsd-questions at freebsd.org
> On Feb 20, 2013, at 10:28 AM, Anton Shterenlikht <mexas at bristol.ac.uk> wrote:
> > I have a laptop with FreeBSD -current,
> > with ip address assigned via DHCP.
> > The laptop has neither a static ip address,
> > nor a domain.
> > I can ping the laptop fine, but cannot
> > ssh into it. The sshd is running, /etc/ssh/ssd_config
> > seems fine, /etc/hosts.allow is fine.
> > However, /etc/hosts is just the default:
While on the problem machine, can you ssh to localhost? ssh to the IP
yes to both
I would suspect the problem is in /etc/hosts.allow
The first non-comment line in /etc/hosts.allow is
ALL : ALL : allow
and I don't have /etc/hosts.deny:
root at zzz:~ # ls /etc/hosts*
root at zzz:~ #
or perhaps the subnet mask is incorrect.
Well.. what should it be?
I have on the problem box (ssh server):
wlan0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1
inet 172.21.220.12 netmask 0xfffffc00 broadcast 255.255.255.255
media: IEEE 802.11 Wireless Ethernet OFDM/54Mbps mode 11g
ssid eduroam channel 1 (2412 MHz 11g) bssid 00:3a:98:62:cd:a0
country US authmode WPA2/802.11i privacy ON deftxkey UNDEF
AES-CCM 2:128-bit AES-CCM 3:128-bit txpower 14 bmiss 10 scanvalid 450
bgscan bgscanintvl 300 bgscanidle 250 roam:rssi 7 roam:rate 5
protmode CTS wme roaming MANUAL
I'm trying to ssh from 220.127.116.11.
I wonder, perhaps it somehow built into the
Eduroam wireless, provided by the University,
that the devices connected to it cannot be
accessible. They can only initiate outgoing
connections, but all incoming connections are
somehow blocked? Given that the majority of
the devices will be unsecured MS boxes, maybe
the university thought that this is wise idea
for safety. Perhaps I can investigate this
with my IT guys.
Or I might be talking complete nonsense here, not my area at all.
More information about the freebsd-questions