I wouldn't concern myself with the xinitd yet...
run netstat -tupan to see what port sshd is listening on on your home system.
/etct/ssh/ssh_conf ...needs
# Port 22
remove # and insert
Port 21
service sshd restart
run ssh -v to.home (gives verbose out put on client end)
check /var/log/messages and /var/log/secure (on server [to.home]) to see if there is a love connection and you can add
iptables -A INPUT -p tcp --dport 21 -j LOG --log-prefix "MY_SSH: "
to log to your /var/log/messages
also of note, your IT dept probably blocks 21 (ftp) and 23 (telnet) if they block 22 out.
try a port above 1023 as a last restort I usuually have sshd on port 2222
Port 2222
On Mon, 2004-02-23 at 23:02, Vincent wrote:
> On Mon, 23 Feb 2004 22:12:20 -0500
> James Drabb <JDrabb@xxxxxxxxxxxxxxx> wrote:
> > > Do I need to do anything special to allow hosts outside of my home
> > network to SSH in? I am running SSH on port 21 and have opened port 21
> > on my Linksys router/firewall. However, I cannot connect from my work
> > to home. I am using port 21 because the silly MS Admins where I work
> > have port 22 blocked, yet they allow telnet.
> > > > I can ssh on my home computer using my public IP and it connects just
> > fine. Do I need to add entries to /etc/hosts.allow?
> > Maybe. append > sshd: 168.1.1.1.1 sect.mydomain.com > or sshd: ALL
> to your hosts.allow file, plus double check iptables.
> If when you try to connect the response is 'connection refused' most likely
> its a tcp wrap problem.
I though tcp wrappers was only used on xinetd started apps? I run SSH standalone on startup.
Not exactly, xinitd has its own host based access controls so applications
need not worry about compiling in support. xinitd.conf is where AC's are put in.
libwrap (tcpwrappers) is a library that can be compiled into any application.
#ifdef USE_LIBWRAP
#include <tcpd.h>
so the equivilant to ALL:ALL in /etc/hosts.deny is 'no_access = 0.0.0.0' in /etc/xinitd.conf
I put the sshd: ALL entry into hosts.all and will give it a shot tomorrow.
Thanks,
Jim Drabb
_________________________________________________________________
Take off on a romantic weekend or a family adventure to these great U.S. locations. http://special.msn.com/local/hotdestinations.armx