FW: Can't connect to one server from a particular LAN



The hosts.deny is empty.
The hosts.allow already had an entry of the form:

Ssh:123.456.789.0/255.255.255.0

Representing the correct segment of the Lan I'm trying to connect from.
I added a new line representing the ip/subnet of the machine I'm
currently on.
I restarted sshd - no change: still no connection.

I found tcpd, and used tcpdchk -v to check the rules: everything looked
ok: the daemon was ssh, the client was my machine, the access was
'granted'.

So still no joy!!

mark

-----Original Message-----
From: jam@xxxxxxxxxxxxxxxxxxxx [mailto:jam@xxxxxxxxxxxxxxxxxxxx]
Sent: 26 January 2007 00:07
To: Sanders Mark
Cc:; jam@xxxxxxxxxxxxxxxxxxxx
Subject: Re: Can't connect to one server from a particular LAN

On Thu, Jan 25, 2007 at 09:51:12AM -0000, Mark Sanders wrote:
Hi
I can't ssh to a server from any machine on one particular LAN -
here's
the debug:

OpenSSH_4.2p1 Debian-7ubuntu3.1, OpenSSL 0.9.8a 11 Oct 2005
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to salford.zen.co.uk [62.3.91.113] port 22.
debug1: Connection established.
debug1: identity file /home/mark/.ssh/identity type -1
debug1: identity file /home/mark/.ssh/id_rsa type -1
debug1: identity file /home/mark/.ssh/id_dsa type -1
ssh_exchange_identification: read: Connection reset by peer

I can connect to this server port 22 from a different LAN; I can also
telnet to the server from this LAN.
The debug is from an attempt from an Ubuntu box; I normally attempt to
connect from XP using putty, and get a 'Network error: software caused
connection abort' error.

All suggestions gratefully received...


it looks to me like there is a hosts.allow or hosts.deny that is denying
access from your box.

mark

regards,
J
--
http://zoidtechnologies.com/ -- software that sucks less



Relevant Pages

  • Re: 2 NICs Configuration Problem
    ... Servers on the DMZ are public, ... provides NAT for the LAN machines, allowing them to reach the Internet ... effectively bypassing firewall filtering to that server. ... Ethernet adapter Server Local Area Connection: ...
    (microsoft.public.windows.server.networking)
  • Re: Dial-up ICS settings = Configuration Problems
    ... On Machine #1 have you told it that it is to share its Internet connection? ... Double click on your LAN connection ... IntelPRO/100 VE Network Connection - Packet Scheduler Miniport ... Primary WINS Server: 0.0.0.0 ...
    (microsoft.public.windowsxp.network_web)
  • Re: How safe is this..
    ... >of my LAN I have connected a second Router to the first one (LAN 2 WAN ... >setting up a RADIUS server to secure the wireless side even more. ... contrived for the duration of the connection and not saved anywhere. ...
    (alt.internet.wireless)
  • Re: smbclient timeout, file truncated / 9.1 Pro (was Re: libpopt.so.0 conflict...
    ... >and the OS/2 machines on the LAN. ... NETBEUI was invented to allow windows clients to use an OS/2 server. ... 9 buffer small read and write requests until the buffer is full ... Acknowledgment Timeout ...
    (alt.os.linux.suse)
  • Re: Indirect synchronization setup with no synchronizers on servers
    ... Replica Manager to be installed at all. ... trust any LAN, except the LAN where the file server is that stores my ... remote PCs have synchronizers but the server does not. ... There is no difference between a synchronizer operating on replicas ...
    (microsoft.public.access.replication)