Date:      Mon, 3 Mar 2003 10:22:21 -0600
From:      Wayne Barnes <currently@klentaq.com>
To:        current@freebsd.org
Subject:   [tlambert2@mindspring.com: Re: can't sshd into box]
Message-ID:  <20030303102221.A70601@klentaq.com>

Dear FreeBSD,

   1.  My /etc/hosts.allow is the untouched default, with the first 
uncommented line being 
ALL : ALL : allow

   Also, I am still running the default GENERIC kernel, so
there is no ipfw capability:
FreeBSD etaq3 5.0-RELEASE FreeBSD 5.0-RELEASE #0: Thu Jan 16 22:16:53 GMT 2003
   root@hollin.btc.adaptec.com:/usr/obj/usr/src/sys/GENERIC  i386


   2.  If I kill inetd, indeed 'telnet -debug' does not give an error.
It seems to be running and waiting for something ...
Going back to the other box etaq and trying to 'telnet etaq3' in, however, 
still results in:
Connection closed by foreign host.

     Looking back at the waiting telnet job, it has no message or 
anything.

     Trying it with 'telnetd -debug -D report'
<doesn't give any messages, either>

   3.  If you missed my response (maybe not copied to the list correctly)
about ALL:ALL:allow, maybe you missed that 'portscanner etaq3' from etaq
(the 4.7) reports that etaq3 (the new 5.0 system) has open ports 22, 23,
25, and 110.  They all result in immediate 'Connection closed by foreign
host.', even while ps reports that 'telnet -debug' is running.
    Actually, 'telnet etaq3 110' has a slightly different rejection:
wayne@etaq:/home/wayne>telnet etaq3 110
Trying 192.168.0.12...
telnet: connect to address 192.168.0.12: Connection refused
telnet: Unable to connect to remote host

   4.  There is one possibly relevant fact that I have not mentioned,
yet:
    sysinstall cannot see the (motherboard?) ethernet port on this Dell
2350.  As FTP connection, it only offered dialup ppp or serial, etc. So I
put in a years-old SMC1211TX ethernet PCI card, and that was recognized
easily as rl0.

    On bootup, of the FTP-installed 5.0 system, only one NIC is
recognized, as rl0, and I only plugged the old PCI card with an ethernet
cord; so I don't think this is really causing my problem.

    I can connect and conduct ssh sessions outward (that's how I am typing
now), so this machine can receive packets at all.

    I just can't telnet or ssh into it.  I haven't tried to install
apache, yet, but I wouldn't expect much until an ssh or telnet probe
works.  It does ping just fine, both ways.

              - Wayne

----- Forwarded message from Terry Lambert <tlambert2@mindspring.com> -----

Andre Guibert de Bruet wrote:
> On Mon, 3 Mar 2003, Wayne Barnes wrote:
> >     Immediately after rebooting, I get this:
> >
> > root@etaq3:/home/wayne>telnetd -debug
> > telnetd: bind: Address already in use
> >
> >     This doesn't happen on my other (working) system.
> >     Could this be a clue to my problem?
> 
> Telnetd is telling you that something else is listening on port 23. This
> is most probably inetd. Do a 'killall inetd' then try that command.

That's not only going to stop inetd from sitting on the port,
it will probably also make telnet into the box start working,
if it's related to the TCP wrappers (if he had modified his
hosts.allow with the advice from a previous poster, he would
not be having this problem, if that happens, so rather than
posting his problem over and over again, maybe he should read
the responses, and at least tell us if they worked?).

Otherwise, another common culprit is ipfw; if he has the
firewall enabled, the default is to block everything.

Given that he got a connection, and that it was subsequently
closed, though, rather than not getting a connection at all,
it's a safe bet that it's the TCP wrappers, not the ipfw, that
is causing the trouble.

In which case, he should take the advice on the hosts.allow
file contents that he was given earlier, and it will fix his
problem...

-- Terry


   --  Wayne M Barnes, currently@klentaq.com
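
The distinction drawn in the forwarded reply (a connection that is accepted and then closed, versus one that is refused or never answered) can be checked mechanically instead of by reading telnet output. The following Python script is an added example, not part of the original e-mail; classify(), demo_listener() and unused_port() are hypothetical names, and the listeners are constructed stand-ins on 127.0.0.1 so it runs offline.

```python
import socket
import threading
# Hints follow the thread's reasoning; they are pointers, not proof.
HINT = {
    "accepted-then-closed": "listener accepted, then dropped us: check hosts.allow",
    "refused": "nothing accepting on that port (or an RST from a filter)",
    "timeout": "no answer at all: packets are probably being dropped",
    "banner": "service answered normally",
    "open-silent": "connected, service is waiting for the client to speak",
}

def classify(host, port, timeout=2.0):
    """Return how a TCP service reacts to a plain connection attempt."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return "refused"
    except socket.timeout:
        return "timeout"
    with sock:
        try:
            data = sock.recv(64)          # wait for a greeting or an EOF
        except socket.timeout:
            return "open-silent"
        except ConnectionResetError:
            return "accepted-then-closed"
    return "banner" if data else "accepted-then-closed"

def demo_listener(banner=None):
    """Constructed stand-in: accept one client, optionally greet, then close."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    def serve():
        conn, _ = srv.accept()
        conn.sendall(banner or b"")       # empty send when there is no banner
        conn.close()
        srv.close()
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

def unused_port():  # constructed stand-in: a port with no listener
    with socket.socket() as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]

if __name__ == "__main__":
    for port in (demo_listener(), demo_listener(b"SSH-2.0-demo\r\n"), unused_port()):
        print(port, HINT[classify("127.0.0.1", port)])
```

Against a real host, call classify() with the host name and port 22 or 23 from another machine on the same network.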
