03-13-2010
SSH/Firewall issue
I am a complete UNIX neophyte with the unenviable task of trying to pseudo manage two SUN boxes with an unknown past. I was not responsible for setting them up, anything that was done on them previously, and have no means of figuring out anything that was done to them. So far I have changed the IPs and enabled root access for SSH. I also changed the IP in /etc/hosts associated with one of them from its previous public IP to its current IP on the local (private) network. Otherwise I have done nothing.
The machines are named Sun1 and Sun2 and are both on the same network. Everything works fine on Sun1. I can ssh into it from anywhere. For Sun2, however, I can only ssh into it from a client that is on the same network but not from a client on another network. For now, the user has been ssh'ing into Sun1 and going from there to Sun2. This works but is awkward.
I first suspected a firewall was active on Sun2 but ipfstat shows nothing and there are no rules defined in /etc/ipf/ipf.conf. As far far as I can tell ipf is not even running anyway. Is there some way I can tell for sure if a firewall is running somewhere on Sun2? Is there some other ssh setting that would allow only LAN access? I also compared /etc/ssh/sshd_config between Sun1 and Sun2 and could not find any differences.
9 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi
a question about ssh.
im setting up a script to scp files to a remote machine outside our firewall, the script needs to be password free using keys.
The firewall allows ssh trafic outside the company network but does not let ssh back into the network. this seems to be affecting the... (3 Replies)
Discussion started by: thangorn
3 Replies
2. UNIX for Advanced & Expert Users
I have set up a linux (red hat 9) box as my main internet router. I am also running a DNS server on it. What are the rules i have to implement to allow DNS queries through the firewall from outside so that the outside world can see my domains? (1 Reply)
Discussion started by: frankkahle
1 Replies
3. Solaris
Hi,
So that potential responders will have an idea of what they're dealing with let me say that while I am a UNIX newbie I have been in IT for over 10 years.
We have several SUN boxes running ver 5 of the OS that have been sitting dormant for some time as they were part of a now defunct... (3 Replies)
Discussion started by: pjewett
3 Replies
4. UNIX for Advanced & Expert Users
Hi all,
I have installed vpnclient 4.8.00 (0490) on my centOS GNU/Linux OS. I configured the profiles (using the same profile pcf files which was on my WinXp system)
I can connect to CISCO VPN from my WinXP machine but with the same profile (.pcf) on Linux am getting "Firewall Policy... (1 Reply)
Discussion started by: zing_foru
1 Replies
5. IP Networking
I've experienced this same issue with both the Endian Firewall Appliance and a Vyatta Firewall Appliance. Conversely, it works with a Draytek Firewall/Router.
I am trying to forward port 80 traffic to my internal web server which is located on the /24 subnet. I have an external static IP which... (0 Replies)
Discussion started by: mboudro
0 Replies
6. Shell Programming and Scripting
I want to run a program on remote server by using unauthenticated ssh. It works when I ssh from command line however, it does not work when I try to invoke ssh script with other application. Any clue? (6 Replies)
Discussion started by: sam101
6 Replies
7. Solaris
Hi guys.
I just installed Solaris 10 and want to enable ssh on it So that i can remotely use it from another location.
I read a post on this forum an it was written that SSH is enabled by default.
I did a ps -ef | grep ssh and nothing showed up meaning that it isnt running.
I even tried... (11 Replies)
Discussion started by: Junaid Subhani
11 Replies
8. UNIX for Advanced & Expert Users
Hi All,
I am trying to connect between two system ,
I am facing the issue with -SSH-t-l userid systemname exit ( this is the syntax)
It suppose to ask for password , but it throws the error as mentioned below
Error is received disconnect from system and remote login for the... (1 Reply)
Discussion started by: sudhainit
1 Replies
9. Linux
I' m playng a little retrocomputing.
I have setup a virtual machine with SCO unix(3.2v4.2) on qemu
The machine start, the novell2000 card(ne2k_pci,ne2k_isa) unfortunately not,probably driver issue.
So I try the slirp with this procedure
On SCO
netconfig
add chain..sl ..etc
On... (2 Replies)
Discussion started by: Linusolaradm1
2 Replies
LEARN ABOUT DEBIAN
lire::firewall
Firewall(3pm) LogReport's Lire Documentation Firewall(3pm)
NAME
Lire::Firewall - supplies a subroutine enabling TCP and UDP portnumber-to-name mapping
SYNOPSIS
use Lire::Firewall qw/:firewall_number2names /;
DESCRIPTION
The Lire::Firewall::firewall_number2names converts numbers for network services, as commonly found in firewall log files, to their
descriptive names.
firewall_revolve FIXME TODO
It takes a firewall Lire dlf object as argument, and operates on its to_port, from_port and protocol properties.
TCP services, UDP services and ICMP types are supported.
SEE ALSO
RPC 792 for ICMP types.
VERSION
$Id: Firewall.pm,v 1.5 2006/07/23 13:16:27 vanbaal Exp $
COPYRIGHT
Copyright (C) 2000, 2001, 2002 Stichting LogReport Foundation LogReport@LogReport.org
This file is part of Lire.
Lire is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free
Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program (see COPYING); if not, check with
http://www.gnu.org/copyleft/gpl.html.
AUTHOR
Francis J. Lacoste <flacoste@logreport.org>. The first Lire implementation of a TCP and UDP portnumber-to-name mapping was written by
Plamen Bozukov.
Lire 2.1.1 2006-07-23 Firewall(3pm)