Full Discussion: SSH/Firewall issue
Operating Systems Solaris SSH/Firewall issue Post 302403655 by tawnos42 on Saturday 13th of March 2010 03:18:58 PM
SSH/Firewall issue

I am a complete UNIX neophyte with the unenviable task of trying to pseudo manage two SUN boxes with an unknown past. I was not responsible for setting them up, anything that was done on them previously, and have no means of figuring out anything that was done to them. So far I have changed the IPs and enabled root access for SSH. I also changed the IP in /etc/hosts associated with one of them from its previous public IP to its current IP on the local (private) network. Otherwise I have done nothing.

The machines are named Sun1 and Sun2 and are both on the same network. Everything works fine on Sun1. I can ssh into it from anywhere. For Sun2, however, I can only ssh into it from a client that is on the same network but not from a client on another network. For now, the user has been ssh'ing into Sun1 and going from there to Sun2. This works but is awkward.

I first suspected a firewall was active on Sun2 but ipfstat shows nothing and there are no rules defined in /etc/ipf/ipf.conf. As far as I can tell ipf is not even running anyway. Is there some way I can tell for sure if a firewall is running somewhere on Sun2? Is there some other ssh setting that would allow only LAN access? I also compared /etc/ssh/sshd_config between Sun1 and Sun2 and could not find any differences.
 

Firewall(3pm)            LogReport's Lire Documentation            Firewall(3pm)

NAME
       Lire::Firewall - supplies a subroutine enabling TCP and UDP portnumber-to-name mapping

SYNOPSIS
       use Lire::Firewall qw/:firewall_number2names /;

DESCRIPTION
       The Lire::Firewall::firewall_number2names converts numbers for network services, as commonly found in firewall log files, to their descriptive names.

       firewall_revolve FIXME TODO

       It takes a firewall Lire dlf object as argument, and operates on its to_port, from_port and protocol properties. TCP services, UDP services and ICMP types are supported.

SEE ALSO
       RFC 792 for ICMP types.

VERSION
       $Id: Firewall.pm,v 1.5 2006/07/23 13:16:27 vanbaal Exp $

COPYRIGHT
       Copyright (C) 2000, 2001, 2002 Stichting LogReport Foundation LogReport@LogReport.org

       This file is part of Lire.

       Lire is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

       This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

       You should have received a copy of the GNU General Public License along with this program (see COPYING); if not, check with http://www.gnu.org/copyleft/gpl.html.

AUTHOR
       Francis J. Lacoste <flacoste@logreport.org>. The first Lire implementation of a TCP and UDP portnumber-to-name mapping was written by Plamen Bozukov.

Lire 2.1.1                        2006-07-23                        Firewall(3pm)