03-14-2010
By the way, I really wouldn't advise enabling ssh for root unless absolutely necessary.
Better to ssh in as an ordinary user and su or sudo.
When testing for firewalls, a simple test for any protocol is to try
telnet sun2 (port)
which in this case is 22.
If nothing is blocking that, you'll see something like
Trying x,.x.x.x
Connected to sun2
Escape character is '^]'.
SSH-2.0-OpenSSH_4.3
(with that last line varying, of course)
If you don't get that, yes, you are looking at a firewall or routing issue. If you do get it, then ssh itself is refusing you and your next move is "ssh -v" to figure out why.
Note: Because ssh HAS -v, you don't really need the "telnet sun2 22" - the "ssh -v" would hang if it is blocked by a firewall or routing. It's just a good trick to keep in mind for any sort of access.
9 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi
a question about ssh.
im setting up a script to scp files to a remote machine outside our firewall, the script needs to be password free using keys.
The firewall allows ssh trafic outside the company network but does not let ssh back into the network. this seems to be affecting the... (3 Replies)
Discussion started by: thangorn
3 Replies
2. UNIX for Advanced & Expert Users
I have set up a linux (red hat 9) box as my main internet router. I am also running a DNS server on it. What are the rules i have to implement to allow DNS queries through the firewall from outside so that the outside world can see my domains? (1 Reply)
Discussion started by: frankkahle
1 Replies
3. Solaris
Hi,
So that potential responders will have an idea of what they're dealing with let me say that while I am a UNIX newbie I have been in IT for over 10 years.
We have several SUN boxes running ver 5 of the OS that have been sitting dormant for some time as they were part of a now defunct... (3 Replies)
Discussion started by: pjewett
3 Replies
4. UNIX for Advanced & Expert Users
Hi all,
I have installed vpnclient 4.8.00 (0490) on my centOS GNU/Linux OS. I configured the profiles (using the same profile pcf files which was on my WinXp system)
I can connect to CISCO VPN from my WinXP machine but with the same profile (.pcf) on Linux am getting "Firewall Policy... (1 Reply)
Discussion started by: zing_foru
1 Replies
5. IP Networking
I've experienced this same issue with both the Endian Firewall Appliance and a Vyatta Firewall Appliance. Conversely, it works with a Draytek Firewall/Router.
I am trying to forward port 80 traffic to my internal web server which is located on the /24 subnet. I have an external static IP which... (0 Replies)
Discussion started by: mboudro
0 Replies
6. Shell Programming and Scripting
I want to run a program on remote server by using unauthenticated ssh. It works when I ssh from command line however, it does not work when I try to invoke ssh script with other application. Any clue? (6 Replies)
Discussion started by: sam101
6 Replies
7. Solaris
Hi guys.
I just installed Solaris 10 and want to enable ssh on it So that i can remotely use it from another location.
I read a post on this forum an it was written that SSH is enabled by default.
I did a ps -ef | grep ssh and nothing showed up meaning that it isnt running.
I even tried... (11 Replies)
Discussion started by: Junaid Subhani
11 Replies
8. UNIX for Advanced & Expert Users
Hi All,
I am trying to connect between two system ,
I am facing the issue with -SSH-t-l userid systemname exit ( this is the syntax)
It suppose to ask for password , but it throws the error as mentioned below
Error is received disconnect from system and remote login for the... (1 Reply)
Discussion started by: sudhainit
1 Replies
9. Linux
I' m playng a little retrocomputing.
I have setup a virtual machine with SCO unix(3.2v4.2) on qemu
The machine start, the novell2000 card(ne2k_pci,ne2k_isa) unfortunately not,probably driver issue.
So I try the slirp with this procedure
On SCO
netconfig
add chain..sl ..etc
On... (2 Replies)
Discussion started by: Linusolaradm1
2 Replies
LEARN ABOUT REDHAT
ssh-keysign
SSH-KEYSIGN(8) BSD System Manager's Manual SSH-KEYSIGN(8)
NAME
ssh-keysign -- ssh helper program for hostbased authentication
SYNOPSIS
ssh-keysign
DESCRIPTION
ssh-keysign is used by ssh(1) to access the local host keys and generate the digital signature required during hostbased authentication with
SSH protocol version 2.
ssh-keysign is disabled by default and can only be enabled in the the global client configuration file /etc/ssh/ssh_config by setting
HostbasedAuthentication to ``yes''.
ssh-keysign is not intended to be invoked by the user, but from ssh(1). See ssh(1) and sshd(8) for more information about hostbased authen-
tication.
FILES
/etc/ssh/ssh_config
Controls whether ssh-keysign is enabled.
/etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_rsa_key
These files contain the private parts of the host keys used to generate the digital signature. They should be owned by root, read-
able only by root, and not accessible to others. Since they are readable only by root, ssh-keysign must be set-uid root if hostbased
authentication is used.
SEE ALSO
ssh(1), ssh-keygen(1), ssh_config(5), sshd(8)
AUTHORS
Markus Friedl <markus@openbsd.org>
HISTORY
ssh-keysign first appeared in OpenBSD 3.2.
BSD
May 24, 2002 BSD