And OK, remembered this too ☺
The clocks of all servers in a Kerberos domain must be tightly sync'd and
under control of a local master clock. That's because of the timestamps in
the Kerberos tickets. Authentication fails without it. And again as with
name resolution, that config must be complete b
Let me add this if I may Kent, esp for others who might go there. When you
first configure the linux server into an LDAP/AD or LDAP domain, you MUST
complete the "final production" name resolution/resolver/DNS config BEFORE
joining the domain. If you don't but later move it into that domain, it
sti
On Mon, Feb 22, 2021, 1:47 PM Kent West wrote:
>
>
> On Mon, Feb 22, 2021 at 1:37 PM Kent West wrote:
>
>>
>>
>> On Mon, Feb 22, 2021 at 7:52 AM Nicholas Geovanis
>> wrote:
>>
>>> On Sun, Feb 21, 2021, 5:09 PM Kent West wrote:
>>>
>>> Brand new Debian box (tried Buster, then when that didn;' w
On Mon, Feb 22, 2021 at 1:37 PM Kent West wrote:
>
>
> On Mon, Feb 22, 2021 at 7:52 AM Nicholas Geovanis
> wrote:
>
>> On Sun, Feb 21, 2021, 5:09 PM Kent West wrote:
>>
>> Brand new Debian box (tried Buster, then when that didn;' work, upgraded
>> tp unstable - meh, it's a test box to get thing
On Mon, Feb 22, 2021 at 7:52 AM Nicholas Geovanis
wrote:
> On Sun, Feb 21, 2021, 5:09 PM Kent West wrote:
>
> Brand new Debian box (tried Buster, then when that didn;' work, upgraded
> tp unstable - meh, it's a test box to get things sorted out before
> production use).
>
> Minimal setup (unchec
On Sun, Feb 21, 2021, 5:09 PM Kent West wrote:
Brand new Debian box (tried Buster, then when that didn;' work, upgraded tp
unstable - meh, it's a test box to get things sorted out before production
use).
Minimal setup (unchecked everything in TaskSel step during install; later
used TaskSel to ad
On Sun, Feb 21, 2021 at 8:42 PM Kent West wrote:
>
>
> On Sun, Feb 21, 2021 at 6:10 PM Tibz Loufok wrote:
>
>> Hi,
>>
>> I suppose realmd configured sssd.
>>
>
> Yes.
>
> You may need to authorize your users to login. (By using AD gpo or
>> managing it locally).
>>
>> The parameter is access_pro
On Sun, Feb 21, 2021 at 6:10 PM Tibz Loufok wrote:
> Hi,
>
> I suppose realmd configured sssd.
>
Yes.
You may need to authorize your users to login. (By using AD gpo or managing
> it locally).
>
> The parameter is access_provider.
> But you can also use realm command to allow locally some AD gr
Brand new Debian box (tried Buster, then when that didn;' work, upgraded tp
unstable - meh, it's a test box to get things sorted out before production
use).
Minimal setup (unchecked everything in TaskSel step during install; later
used TaskSel to add X11/Mate).
su'd to root
apt install'd aptitud
Is a firewall employed on either end of the system? Is the firewall
allowing port 22 connections?
regards,
Robert
On Wed, 24 Nov 2004 09:56:10 -0800
Chuk Goodin <[EMAIL PROTECTED]> wrote:
> > >http://www.linuxquestions.org/questions/showthread.php?s=&threadid
> > >=248641
> > >
> > >
> > >>Does
On Wed, 24 Nov 2004 09:56:10 -0800, Chuk Goodin <[EMAIL PROTECTED]> wrote:
> > What have you got that connects you to the Internet? A DSL router? If
> > so, have you configured port forwarding?
Yes, a DSL router. Yes, it should be forwarding to this machine (I've
also tried it with no router.)
-
> >http://www.linuxquestions.org/questions/showthread.php?s=&threadid=248641
> >
> >
> >>Does anyone have any suggestions about things I
> >>might have overlooked?
> >>Attempts to connect just timeout with no response.
> >#nmap [external_ip]
PORT STATE SERVICE
22/tcp open ssh
> >you can se
Sergio Basurto Juarez wrote:
--- Chuk Goodin <[EMAIL PROTECTED]> wrote:
I'm running mostly Woody with some Sarge updates,
and I can't seem to
SSH in to my machine from offsite. I can do it on
the LAN, so I know
sshd is running and working, and I can't do it when
I hook my Linux
box straight into
On 11/19/2004 07:00 PM, Chuk Goodin wrote:
I'm running mostly Woody with some Sarge updates, and I can't seem to
SSH in to my machine from offsite.
Click here to have your port 22 probed:
http://www.grc.com/port_22.htm
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe".
> I've asked other people on my ISP if their port 22 is being blocked,
> and I've also tried running sshd on port 60.
I would recommend talking to your ISP. I ran into a similar problem a
while back when my ISP moved me from a publicly accessible IP pool to
a firewalled IP pool. A quick email cl
--- Chuk Goodin <[EMAIL PROTECTED]> wrote:
> I'm running mostly Woody with some Sarge updates,
> and I can't seem to
> SSH in to my machine from offsite. I can do it on
> the LAN, so I know
> sshd is running and working, and I can't do it when
> I hook my Linux
> box straight into our DSL line, s
I'm running mostly Woody with some Sarge updates, and I can't seem to
SSH in to my machine from offsite. I can do it on the LAN, so I know
sshd is running and working, and I can't do it when I hook my Linux
box straight into our DSL line, so I suspect it's probably not the
router (a DI-604).
I've
On Sat, 14 Aug 2004 17:56:35 -0500, Kent West <[EMAIL PROTECTED]> wrote:
> John Fleming wrote:
>
> >Since yesterday I can't ssh in to my Debian unstable box, fully upgraded.
> >When using Putty, as soon as the terminal window opens, it immediately
> >closes.
do not know
how it acts.
isalt
On Aug 14, 2004, at 7:23 AM, John Fleming wrote:
Since yesterday I can't ssh in to my Debian unstable box, fully
upgraded.
When using Putty, as soon as the terminal window opens, it immediately
closes. This is true whether from another machine on the LAN, or
John Fleming wrote:
Since yesterday I can't ssh in to my Debian unstable box, fully upgraded.
When using Putty, as soon as the terminal window opens, it immediately
closes. This is true whether from another machine on the LAN, or from a
more remote machine. I've checked with and
Since yesterday I can't ssh in to my Debian unstable box, fully upgraded.
When using Putty, as soon as the terminal window opens, it immediately
closes. This is true whether from another machine on the LAN, or from a
more remote machine. I've checked with and without my Firestarter
fir
This is my /etc/ssh/sshd_config:
# Package generated configuration file
# See the sshd(8) manpage for defails
# What ports, IPs and protocols we listen for
Port 22
# Uncomment the next entry to accept IPv6 traffic.
#ListenAddress ::
#ListenAddress 0.0.0.0
Protocol 2,1
# HostKeys for protocol vers
From /usr/share/doc/ssh/README.Debian.gz :
SSH now uses protocol 2 by default
--
This means all your keyfiles you used for protocol version 1 need to
be re-generated. The server keys are done automatically, but for RSA
authentication, please read the ssh-keygen ma
> look this:
>
> [EMAIL PROTECTED]:~] # ssh -1 localhost
> Permission denied.
>
> but...
>
> [EMAIL PROTECTED]:~] # ssh -2 localhost
> Password:
>
> I'm using OpenSSH_3.0.2p1 from woody.
>
> In Tue, 22 Jan 2002 18:10:38 -0500
> Acheron <[EMAIL PROTECTED]> wrote:
>
> > First, is the ssh daemo
i have this problem too...
look this:
[EMAIL PROTECTED]:~] # ssh -1 localhost
Permission denied.
but...
[EMAIL PROTECTED]:~] # ssh -2 localhost
Password:
I'm using OpenSSH_3.0.2p1 from woody.
In Tue, 22 Jan 2002 18:10:38 -0500
Acheron <[EMAIL PROTECTED]> wrote:
> First, is the ssh daemon ac
First, is the ssh daemon actually running on the box? (take a look at
the process list, and nmap the box to make sure that ssh is bound to
port 22).
If it is running, are there any access control mechanisms in place?
IPChains / IPTables, TCP Wrappers, host control mechanism in the sshd
config,
On Tue, Jan 22, 2002 at 09:30:07AM -0500, Stan Brown wrote:
> I can't seem to get ibound ssh working to a new woody box. Here is what ssh
> -v has to say about it:
That's the behavior you'll see if there is no ssh server listening on
port 22. Are you sure it's installed? I don't know that it is
I can't seem to get ibound ssh working to a new woody box. Here is what ssh
-v has to say about it:
Script started on Tue Jan 22 09:27:45 2002
$ ssh -v teddy
OpenSSH_2.9 FreeBSD localisations 20011202, SSH protocols 1.5/2.0, OpenSSL
0x0090601f
debug1: Reading configuration data /etc/ssh/ssh_conf
FYI I solved it, and the solution was the same as that of the fellow in the
"ssh weirdness" thread. The problem was an ISP DNS issue. Namely, a
reverse lookup on my IP yielded a plausible name, but a forward lookup on
that name got nothing. This was causing the hosts.deny file to stop telnet
On Tue, Jul 10, 2001 at 10:47:41PM -0700, Owen G. Emry wrote:
> Yes, it's just got the default .deny and .allow files. Can't see anything
> wrong there. And all other services besides ssh and telnet seem to work
> fine. Very frustrating! Thanks for the suggestion, though.
What does "netstat
Yes, it's just got the default .deny and .allow files. Can't see anything
wrong there. And all other services besides ssh and telnet seem to work
fine. Very frustrating! Thanks for the suggestion, though.
-Owen
At 03:34 2001-07-11 -0300, Linuxero wrote:
> Some more information:
>
> Sinc
> Some more information:
>
> Since apache works perfectly, I stopped it and tried moving telnet to port
> 80. Still no connection. ssh didn't work over port 80, either, so I know
> it's not a firewall problem.
>
> After scouring the net, I read that sometimes having ipv6 enabled in the
> kernel w
st set up a new machine and for some infernal reason I can't ssh or
telnet to it. Here are the details:
-- both machines have static IPs, proper DNS entries, and are up to date
with latest Debian potato ssh and telnetd
-- new-machine is a fresh vanilla install, running the stock 3.1
I just set up a new machine and for some infernal reason I can't ssh or
telnet to it. Here are the details:
-- both machines have static IPs, proper DNS entries, and are up to date
with latest Debian potato ssh and telnetd
-- new-machine is a fresh vanilla install, running the
10:35 PM -0700 4/18/01, Deirdre Saoirse Moen wrote:
>I rebooted my system today (probably after a few too many things were
>changed) and all of a sudden I can't ssh in as a normal user.
>
>I've got a fairly minimal system, but it seems a strange thing to break
>upon reboot.
At 987701236s since epoch (04/19/01 06:27:16 -0400 UTC), Andre Berger wrote:
> * Deirdre Saoirse Moen <[EMAIL PROTECTED]>, 2001-04-19 09:53 +0200:
> >
> > (I'm still waiting for DNS to catch up with me...)
Perhaps that's your problem... do you have "ReverseMappingCheck" set to
"yes" in your /etc
>>>>> "Deirdre" == Deirdre Saoirse Moen <[EMAIL PROTECTED]> writes:
Deirdre> I rebooted my system today (probably after a few too many things
were
Deirdre> changed) and all of a sudden I can't ssh in as a normal user.
Deirdre> I've g
* Andre Berger <[EMAIL PROTECTED]>, 2001-04-19 12:43 +0200:
> * Deirdre Saoirse Moen <[EMAIL PROTECTED]>, 2001-04-19 09:53 +0200:
> > I rebooted my system today (probably after a few too many things were
> > changed) and all of a sudden I can't ssh in as a normal
* Deirdre Saoirse Moen <[EMAIL PROTECTED]>, 2001-04-19 09:53 +0200:
> I rebooted my system today (probably after a few too many things were
> changed) and all of a sudden I can't ssh in as a normal user.
>
> I've got a fairly minimal system, but it seems a strange
* Deirdre Saoirse Moen <[EMAIL PROTECTED]> [010419 00:27]:
> I rebooted my system today (probably after a few too many things were
> changed) and all of a sudden I can't ssh in as a normal user.
does this mean you *can* ssh as root? or does it mean you can't ssh in
at all
I rebooted my system today (probably after a few too many things were
changed) and all of a sudden I can't ssh in as a normal user.
I've got a fairly minimal system, but it seems a strange thing to break
upon reboot. All I can figure is that some package is in some peculiar
sta
Please set your line length to 72 characters, without space padding.
on Thu, Mar 15, 2001 at 09:11:17PM -0500, Mark Livingstone ([EMAIL PROTECTED])
wrote:
> Hi!
>
> One of my boxes is running openssh_2.3.0 with only ssh2 enabled.. When
> i first installed Debian and ssh i could easily connect to
Hi!
One of my boxes is running openssh_2.3.0 with only ssh2 enabled.. When i
first installed Debian and ssh i could easily connect to
Torbjorn Pettersson <[EMAIL PROTECTED]> writes:
> It seems like there just was an update of the ssh package from
> the sequrity team, which supposedly fixes the problem.
>
It didn't... It was linked to some version of libcrypto which
wasn't on my machine
Regards
Tobbe
It seems like there just was an update of the ssh package from
the sequrity team, which supposedly fixes the problem.
Regards
--
##
Torbjörn Pettersson # Email [EMAIL PROTECTED]
Vattugatan 5
Hi,
little more info, I did manage to break something :)
my sparc boxes are clustered, so after doing the upgrade on the master
node (my last email) I did:
# for i in `members`;do ssh -f $i apt-get -qq -v upgrade;done
Three out of the eight remaining boxes choked (on glibc I think,
though might
Hi,
Now that I've secured my machines...
Sparcstation20 (sun4m Ross HyperSparc processor)
Setting up ssh (1.2.3-9.1) ...
Installing new version of config file /etc/ssh/sshd_config ...
Starting OpenBSD Secure Shell server: sshd.
The upgraded server is accepting both password and RSA authenticati
On Sat, Jan 20, 2001 at 11:41:33PM +0100, Torbjorn Pettersson wrote:
:
: When apt upgraded ssh from 1.2.3-8.0.1 to 1.2.3-9.1 for me it
:worked on the x86 boxen, but on all my sparcs, sun4m and sun4u,
:some using pam, and some don't, I got the same problem, that is
:I can't log in any more, and the
"Jonathan D. Proulx" <[EMAIL PROTECTED]> writes:
> On Fri, Jan 19, 2001 at 03:54:36PM +0100, Torbjorn Pettersson wrote:
>
> : Are the server a sparc? It seems that the ssh package from the
> :security team is broken on sparc, at least it doesn't work for me...
>
> I have ssh on 9 sparc 4m machin
What was the exact message you received?
Art Edwards
On Thu, Jan 18, 2001 at 12:42:49PM -0500, John F. Davis wrote:
> Hello
>
> I did a apt-get upgrade which restarted ssh and now I can't ssh into
> my box anymore. I keep getting a invalid password response.
>
> I can h
On Fri, Jan 19, 2001 at 03:54:36PM +0100, Torbjorn Pettersson wrote:
: Are the server a sparc? It seems that the ssh package from the
:security team is broken on sparc, at least it doesn't work for me...
I have ssh on 9 sparc 4m machines working fine, can you be more
specific about the problem?
Hi,
don't have much light to shed on this but here's a few walls to bang
your head on:
/etc/hosts.{allow, deny}
/etc/ssh/sshd_config #especially AllowUsers if that's there only
specified users can connect, and
"PasswordAuthentication yes" for obvious r
"John F. Davis" <[EMAIL PROTECTED]> writes:
> Hello
>
> I did a apt-get upgrade which restarted ssh and now I can't ssh into
> my box anymore. I keep getting a invalid password response.
>
> I can however login to the box via the console with the same
On Thu, Jan 18, 2001 at 03:34:27PM -0500, David B. Harris wrote:
> To quote "John F. Davis" <[EMAIL PROTECTED]>,
> # Hello
> #
> # I tried to connect to the box from a machine which I have never
> # used as a client before. It failed also.
>
> Please be more specific with your problem. What vers
; > >
> > > when you restarted sshd it probably generated a new host key, right?
> > >
> > > my guess is that you need to delete the old host key in your
> > > ~/.ssh/known_hosts file...perhaps...just a guess.
> > >
> > > robt
> >
To quote "John F. Davis" <[EMAIL PROTECTED]>,
# Hello
#
# I tried to connect to the box from a machine which I have never
# used as a client before. It failed also.
Please be more specific with your problem. What versions of SSH are on
each machine? What operating systems are on each machine? In
> >
> > "John F. Davis" wrote:
> > >
> > > Hello
> > >
> > > I did a apt-get upgrade which restarted ssh and now I can't ssh into
> > > my box anymore. I keep getting a invalid password response.
> > >
> > > I can
probably generated a new host key, right?
>
> my guess is that you need to delete the old host key in your
> ~/.ssh/known_hosts file...perhaps...just a guess.
>
> robt
>
>
> "John F. Davis" wrote:
> >
> > Hello
> >
> > I did a apt-get upgr
Hello
I did a apt-get upgrade which restarted ssh and now I can't ssh into
my box anymore. I keep getting a invalid password response.
I can however login to the box via the console with the same
password.
What gives?
--
We host web sites: http://www.skink.net
buy my stuff:
http:/
llo
>
> I did a apt-get upgrade which restarted ssh and now I can't ssh into
> my box anymore. I keep getting a invalid password response.
>
> I can however login to the box via the console with the same
> password.
>
> What gives?
> --
> We host web sites:
60 matches
Mail list logo
