From owner-freebsd-questions@FreeBSD.ORG Fri May 7 00:18:24 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 70B351065670 for ; Fri, 7 May 2010 00:18:24 +0000 (UTC) (envelope-from kline@thought.org) Received: from ethic.thought.org (plato.thought.org [209.180.213.209]) by mx1.freebsd.org (Postfix) with ESMTP id EB2238FC13 for ; Fri, 7 May 2010 00:18:23 +0000 (UTC) Received: from thought.org (tao.thought.org [10.47.0.250]) (authenticated bits=0) by ethic.thought.org (8.14.3/8.14.3) with ESMTP id o470IIHa032242; Thu, 6 May 2010 17:18:18 -0700 (PDT) (envelope-from kline@thought.org) Received: by thought.org (nbSMTP-1.00) for uid 1002 kline@thought.org; Thu, 6 May 2010 17:18:17 -0700 (PDT) Date: Thu, 6 May 2010 17:18:17 -0700 From: Gary Kline To: Tim Daneliuk Message-ID: <20100507001817.GB43291@thought.org> References: <20100506172149.GA42430@thought.org> <4BE2FD22.3060302@tundraware.com> <20100506213556.GB42975@thought.org> <4BE33781.90108@tundraware.com> <4BE3392E.6030405@tundraware.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4BE3392E.6030405@tundraware.com> User-Agent: Mutt/1.4.2.3i X-Organization: Thought Unlimited. Public service Unix since 1986. X-Of_Interest: With 23 years of service to the Unix community. X-Spam-Status: No, score=-0.2 required=3.6 tests=ALL_TRUSTED,BAYES_00, GUARANTEED_100_PERCENT,T_RP_MATCHES_RCVD autolearn=no version=3.3.0 X-Spam-Checker-Version: SpamAssassin 3.3.0 (2010-01-18) on ethic.thought.org Cc: FreeBSD Mailing List Subject: Re: ssh: port 22: connection refuused X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 May 2010 00:18:24 -0000 On Thu, May 06, 2010 at 04:48:30PM -0500, Tim Daneliuk wrote: > On 5/6/2010 4:41 PM, Tim Daneliuk wrote: > > On 5/6/2010 4:35 PM, Gary Kline wrote: > >> On Thu, May 06, 2010 at 12:32:18PM -0500, Tim Daneliuk wrote: > >>> On 5/6/2010 12:21 PM, Gary Kline wrote: > >>>> > >>>> can anybody help me with ne of my last problems: getting ssh Into > >>>> my new comuter? i am able to ssh outside. need to scp my config > >>>> files over. > >>>> > >>>> sshd is running on "zen" > >>>> > >>>> > >>> > >>> This generally involves two or three steps: > >>> > >>> 1) Make sure /etc/rc.conf has this in it: > >>> > >>> sshd_enable="YES" > >> > >> Yes; this was my first try. no diff. > >>> > >>> 2) Make sure /etc/hosts.allow permits access > >>> to your machine via ssh. Something like this: > >>> > >>> sshd: 192.168. a_host-name.com an.ip.add.ress :ALLOW > >>> > >>> Some people do this: > >>> > >>> sshd: ALL :ALLOW > >>> > >>> That's fine if the machine sits on a trusted LAN, but I don't > >>> much like this for machines that are internet-facing ... it > >>> just provides another vector for attack. So, for such machines, > >>> I explicitly name the address and names that are permitted ssh access. > >> > >> ok. itried this; have not rebooted yet. no difference right > >> now. > >> > >>> > >>> 3) If you're running a firewall, make sure that the sshd ports > >>> (22/tcp and 22/udp) are open for those machines/addresses > >>> you want to connect into your FreeBSD box. > >>> > >> > >> > >> i'm runnning a pfSense computer; pretty sure that things are > >> sett correctly there. > >> > >>> > >>> If you are still having trouble, go to the client machine > >>> and invoke your session like this: > >>> > >>> ssh -vvvvv your_freebsd_machine > >>> > >> > >> the files in /etc/ssh were the first thing i thought of > >> editing. didn't see many differences between rel 8.0 and my > >> current 7.3. still, here is the verbose output. > >> > >> > >> pl 14:20 [5036] ssh zen > >> ssh: connect to host zen port 22: Connection refused > >> pl 14:20 [5037] ssh -vvvv zen > >> OpenSSH_5.1p1 FreeBSD-20080901, OpenSSL 0.9.8e 23 Feb 2007 > >> debug1: Reading configuration data /etc/ssh/ssh_config > >> debug2: ssh_connect: needpriv 0 > >> debug1: Connecting to zen [10.47.0.190] port 22. > >> debug1: connect to address 10.47.0.190 port 22: Connection > >> refused > >> ssh: connect to host zen port 22: Connection refused > >> pl 14:22 [5038] > >> > >> any idea what the ``needpriv 0'' means? > >> > >> > >> > > > > > > What's in your /etc/hosts.allow file? > > > > > Oh ... one other thing ... make sure sshd is actually running. > If you changed the /etc/rc.conf enable line without either rebooting > or doing a kill -HUP 1, you may not have a running daemon. > i'm like 9.99-bar % sure sshd is up; i did ti the long way by sh /etc/rc.d/ssh restart and so it has to have exec. i just poked around on google and there is some noise about ssh failing from outside. i'm downloading a cd of 8.0 (i386)! of the Real-Thing: freebsd. it should be about an hour. the main//only reason i messed with linux was that for reasons unknown [completely], FBSD messed up on streams. but in just the past several weeks i'm able to play audio and video streams here on my old '03 Dell. i've got 7.3 here, but using firefox3: yes. i use konqueror because it has text/speech builtin. on the kde4, i see that konq4 seems ready to play streams. nutshell, no more going to/fro. > > -- > ---------------------------------------------------------------------------- > Tim Daneliuk tundra@tundraware.com > PGP Key: http://www.tundraware.com/PGP/ > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" -- Gary Kline kline@thought.org http://www.thought.org Public Service Unix The 7.83a release of Jottings: http://jottings.thought.org/index.php http://journey.thought.org 99 44/100% Guaranteed Novel