SSH server not excepting external connections (7.04 ubuntu) - Ubuntu

This is a discussion on SSH server not excepting external connections (7.04 ubuntu) - Ubuntu ; Muffin wrote: > I do not need or use ip6. Do I need to recompile to get rid of ip6? No, you can either blacklist it or make some changes to the /etc/modprobe.d/aliases file. Read this article ... http://ubuntuforums.org/showthread.php?t=87798 Cheers. ...

+ Reply to Thread
Page 2 of 2 FirstFirst 1 2
Results 21 to 32 of 32

Thread: SSH server not excepting external connections (7.04 ubuntu)

  1. Re: SSH server not excepting external connections (7.04 ubuntu)

    Muffin wrote:

    > I do not need or use ip6. Do I need to recompile to get rid of ip6?


    No, you can either blacklist it or make some changes to
    the /etc/modprobe.d/aliases file.

    Read this article ...

    http://ubuntuforums.org/showthread.php?t=87798

    Cheers.

    --
    Sometimes, I Wake Up Grumpy.
    Sometimes, I Just Let Him Sleep In.
    -- My Wife


  2. Re: SSH server not excepting external connections (7.04 ubuntu)

    NoStop wrote:
    > Muffin wrote:
    >
    >> I do not need or use ip6. Do I need to recompile to get rid of ip6?

    >
    > No, you can either blacklist it or make some changes to
    > the /etc/modprobe.d/aliases file.
    >
    > Read this article ...
    >
    > http://ubuntuforums.org/showthread.php?t=87798
    >
    > Cheers.
    >

    Thx

  3. Re: SSH server not excepting external connections (7.04 ubuntu)

    On 2007-09-28, Muffin wrote:
    >
    >>> Install firestarter (or lokkit) and open up ssh.

    > I have it installed and have opened port 22 inbound. It looks like I
    > have it config'ed right but still can not log in with ssh yet.


    Are you behind a router? If so, you will need to set up the router to allows connections to port 22
    to be routed to your Linux box.

    --
    PSK - RLU 452647 http://improve-usenet.org
    Killing GG on Ubuntu, openSUSE, Vista and XP with slrn and Xnews
    ~Nick: People are pigs.
    ~Grissom: Don't insult the pigs, Nick. They're actually very clean.

  4. Re: SSH server not excepting external connections (7.04 ubuntu)

    * Pseudo Silk Kimono :
    > On 2007-09-28, Muffin wrote:
    > >
    > >>> Install firestarter (or lokkit) and open up ssh.

    > > I have it installed and have opened port 22 inbound. It looks like I
    > > have it config'ed right but still can not log in with ssh yet.

    >
    > Are you behind a router? If so, you will need to set up the router to allows connections to port 22
    > to be routed to your Linux box.
    >


    If you open port 22 on your router, you will get the Chinese trying
    everything they can to gain access. I suggest that you choose another
    port for security.



  5. Re: SSH server not excepting external connections (7.04 ubuntu)

    On 2007-10-03, Chris wrote:
    > * Pseudo Silk Kimono :
    >> On 2007-09-28, Muffin wrote:
    >> >
    >> >>> Install firestarter (or lokkit) and open up ssh.
    >> > I have it installed and have opened port 22 inbound. It looks like I
    >> > have it config'ed right but still can not log in with ssh yet.

    >>
    >> Are you behind a router? If so, you will need to set up the router to allows connections to port 22
    >> to be routed to your Linux box.
    >>

    >
    > If you open port 22 on your router, you will get the Chinese trying
    > everything they can to gain access. I suggest that you choose another
    > port for security.
    >
    >

    I agree, but the questions are two:
    1) How can someone gain access when they don't know a username or password
    And since root does not have a password, that's one door shut.
    2) I can certainly open another port, but how do you make ssh listen
    on that port?


    --
    PSK - RLU 452647 http://improve-usenet.org
    Killing GG on Ubuntu, openSUSE, Vista and XP with slrn and Xnews
    ~Nick: People are pigs.
    ~Grissom: Don't insult the pigs, Nick. They're actually very clean.

  6. Re: SSH server not excepting external connections (7.04 ubuntu)

    On 2007-10-04, Pseudo Silk Kimono wrote:
    > 2) I can certainly open another port, but how do you make ssh listen
    > on that port?



    I found a useful site and had ssh changed and restarted in 2 minutes
    http://www.cyberciti.biz/tips/setup-...dard-port.html


    --
    PSK - RLU 452647 http://improve-usenet.org
    Killing GG on Ubuntu, openSUSE, Vista and XP with slrn and Xnews
    GIYF..YMMV

  7. Re: SSH server not excepting external connections (7.04 ubuntu)

    Pseudo Silk Kimono writes:

    > On 2007-10-03, Chris wrote:
    >> * Pseudo Silk Kimono :
    >>> On 2007-09-28, Muffin wrote:
    >>> >
    >>> >>> Install firestarter (or lokkit) and open up ssh.
    >>> > I have it installed and have opened port 22 inbound. It looks like I
    >>> > have it config'ed right but still can not log in with ssh yet.
    >>>
    >>> Are you behind a router? If so, you will need to set up the router to allows connections to port 22
    >>> to be routed to your Linux box.
    >>>

    >>
    >> If you open port 22 on your router, you will get the Chinese trying
    >> everything they can to gain access. I suggest that you choose another
    >> port for security.
    >>
    >>

    > I agree, but the questions are two:
    > 1) How can someone gain access when they don't know a username or password
    > And since root does not have a password, that's one door shut.
    > 2) I can certainly open another port, but how do you make ssh listen
    > on that port?


    /etc/ssh/ssh_config and sshd_config

    You can create per user ssh config files too.

    also -p on the command line. Easy peazy.

    --
    Ă“dio do doido.
    -- palĂ*ndromo

  8. Re: SSH server not excepting external connections (7.04 ubuntu)

    On Wed, 03 Oct 2007 23:51:49 +0000, Chris wrote:

    > * Pseudo Silk Kimono :
    >> On 2007-09-28, Muffin wrote:
    >> >
    >> >>> Install firestarter (or lokkit) and open up ssh.
    >> > I have it installed and have opened port 22 inbound. It looks like
    >> > I
    >> > have it config'ed right but still can not log in with ssh yet.

    >>
    >> Are you behind a router? If so, you will need to set up the router to
    >> allows connections to port 22 to be routed to your Linux box.
    >>
    >>

    > If you open port 22 on your router, you will get the Chinese trying
    > everything they can to gain access. I suggest that you choose another
    > port for security.


    Also consider where you are connecting from. My office does not allow
    outbound connections on 22, so it looks like a failed connection. I have
    it set to a high port that is often used for other things, and all is
    well.


    --
    Joe - Registered Linux User #449481
    joe at hits - buffalo dot com
    "Hate is baggage, life is too short to go around pissed off all the
    time..." - Danny, American History X

  9. Re: SSH server not excepting external connections (7.04 ubuntu)

    On Thu, 04 Oct 2007 00:23:46 +0000, Pseudo Silk Kimono wrote:

    > On 2007-10-03, Chris wrote:
    >> * Pseudo Silk Kimono :
    >>> On 2007-09-28, Muffin wrote:
    >>> >
    >>> >>> Install firestarter (or lokkit) and open up ssh.
    >>> > I have it installed and have opened port 22 inbound. It looks like
    >>> > I
    >>> > have it config'ed right but still can not log in with ssh yet.
    >>>
    >>> Are you behind a router? If so, you will need to set up the router
    >>> to allows connections to port 22 to be routed to your Linux box.
    >>>
    >>>

    >> If you open port 22 on your router, you will get the Chinese trying
    >> everything they can to gain access. I suggest that you choose another
    >> port for security.
    >>
    >>

    > I agree, but the questions are two:
    > 1) How can someone gain access when they don't know a username or
    > password And since root does not have a password, that's one door shut.
    > 2) I can certainly open another port, but how do you make ssh listen on
    > that port?


    Change the config file /etc/ssh/sshd_config to reflect the new port, then
    stop and restart the sshd daemon.





    --
    Joe - Registered Linux User #449481
    joe at hits - buffalo dot com
    "Hate is baggage, life is too short to go around pissed off all the
    time..." - Danny, American History X

  10. Re: SSH server not excepting external connections (7.04 ubuntu)

    Joe wrote:
    > On Thu, 04 Oct 2007 00:23:46 +0000, Pseudo Silk Kimono wrote:
    >
    >
    >> On 2007-10-03, Chris wrote:
    >>
    >>> * Pseudo Silk Kimono :
    >>>
    >>>> On 2007-09-28, Muffin wrote:
    >>>>
    >>>>>>> Install firestarter (or lokkit) and open up ssh.
    >>>>>>>
    >>>>> I have it installed and have opened port 22 inbound. It looks like
    >>>>> I
    >>>>> have it config'ed right but still can not log in with ssh yet.
    >>>>>
    >>>> Are you behind a router? If so, you will need to set up the router
    >>>> to allows connections to port 22 to be routed to your Linux box.
    >>>>
    >>>>
    >>>>
    >>> If you open port 22 on your router, you will get the Chinese trying
    >>> everything they can to gain access. I suggest that you choose another
    >>> port for security.
    >>>
    >>>
    >>>

    >> I agree, but the questions are two:
    >> 1) How can someone gain access when they don't know a username or
    >> password And since root does not have a password, that's one door shut.
    >> 2) I can certainly open another port, but how do you make ssh listen on
    >> that port?
    >>

    >
    > Change the config file /etc/ssh/sshd_config to reflect the new port, then
    > stop and restart the sshd daemon.



    Or open up, say, port 62222 and route it to port 22 and the IP of the
    openssh box in the router.

    Then access specifying port 62222 from the remote ( ssh -p 62222
    opensshservername ).


    --
    John

    No Microsoft products were used in the preparation or transmission of this message.

    The EULA sounds like it was written by a team of lawyers who want to tell me what I can't do. The GPL sounds like it was written by a human being, who wants me to know what I can do.

  11. Re: SSH server not excepting external connections (7.04 ubuntu)

    Chris wrote:

    > If you open port 22 on your router, you will get the Chinese trying
    > everything they can to gain access. I suggest that you choose another
    > port for security.


    Changing ports is fruitless. In fact services that depend on nonstandard
    port assignments for "security" can be more brittle targets because any
    script kiddie who discovers one (and they will) assumes the
    administrator is clueless. More often than not they're right, at least
    with services running at the end of obvious end user pipes.

    OpenSSH has perfectly acceptable methods of securing that service built
    right into it, and netfilter can stifle the log file entries.

    Configure sshd to disallow root (even if there is no root password),
    use RSA/DSA key authentication only, and add a rule to your local
    firewall if your router doesn't support it, that uses a limit:
    directive to shut off the port for a suitable period of time when a
    given number of login attempts have failed. My preference is "avg 3/min
    burst 3". Three failed tries, and you wait three minutes. That makes
    scripted attacks wither and die so your logs aren't poisoned by futile
    attempts.

    All this nonstandard port crap and scripts like "fail2ban" are
    unnecessary. Just more points of failure. Configure the thing properly
    and scan log file summaries once in a while. That's all you need.


  12. Re: SSH server not excepting external connections (7.04 ubuntu)

    * Borked Pseudo Mailed :
    > Chris wrote:
    >
    > > If you open port 22 on your router, you will get the Chinese trying
    > > everything they can to gain access. I suggest that you choose another
    > > port for security.

    >
    > Changing ports is fruitless. In fact services that depend on nonstandard
    > port assignments for "security" can be more brittle targets because any
    > script kiddie who discovers one (and they will) assumes the
    > administrator is clueless. More often than not they're right, at least
    > with services running at the end of obvious end user pipes.
    >
    > OpenSSH has perfectly acceptable methods of securing that service built
    > right into it, and netfilter can stifle the log file entries.
    >
    > Configure sshd to disallow root (even if there is no root password),
    > use RSA/DSA key authentication only, and add a rule to your local
    > firewall if your router doesn't support it, that uses a limit:
    > directive to shut off the port for a suitable period of time when a
    > given number of login attempts have failed. My preference is "avg 3/min
    > burst 3". Three failed tries, and you wait three minutes. That makes
    > scripted attacks wither and die so your logs aren't poisoned by futile
    > attempts.
    >
    > All this nonstandard port crap and scripts like "fail2ban" are
    > unnecessary. Just more points of failure. Configure the thing properly
    > and scan log file summaries once in a while. That's all you need.
    >


    Just so I don't look like a complete dweeb...I also configured my sshd
    with all the above. I sure like not having to enter the darn password
    all the time and it works great in scripting. I believe not allowing
    root is preset in the sshd.conf...but it has been a while since I was in
    it.

    Thanks for adding what I should have added in my original post.


+ Reply to Thread
Page 2 of 2 FirstFirst 1 2