Re: FC4 and ssh passphrases not working

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



[Charset iso-8859-1 unsupported, filtering to ASCII...]
>
>> 
>> It appears to have been a hack. rpm -V openssh-server showed that
>> sshd has been modified.
>> 
>> I'll be damned if I know how they got in. I drop ssh packets after 3 attempts
>> in one minute in iptables. I review logs every morning.
>> 
>> I deleted all ssh packages from one of the minor servers and reinstalled them
>> and everything worked ok ppublickeys etc. I know that's not the solution.
>> 
>> Looks like I have several reinstalls to do. Unless someone has a better idea?
>> 
>> Thanks for everyone's help.
>> 
>> Mike
>> 
>
>Can someone give me an example of how to quickly and easily deny ssh access
>from one network interface but allow it from another. For example, disallow
>from the internet but allow from an internal net?

Assuming your iptables is running on the host itself, and not on a border
firewall, and that eth1 is the internet, then something like:

iptables -A INPUT -i eth1 -p udp -dport 22 -j DROP	(can ssh make udp connections?)
iptables -A INPUT -i eth1 -p tcp -dport 22 -j DROP

near the top of your ruleset (before any -j ACCEPT)
should do it.

If you ever discover how this happened, I for one would
be *very* interested to know.

Good luck,
Terry


>
>TIA,
>
>Mike
>
>
>-- 
>fedora-list mailing list
>fedora-list@xxxxxxxxxx
>To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
>


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux