Re: potato security ;(
Hi, first of all try "ssh -v home.machine.edu" from work.machine.edu.
Ssh will then give you more information about what's going on.
Drew Parsons <dfparsons@ucdavis.edu> writes:
Drew> I have sshd running, which I believe is responsible for handling incoming
Drew> telnet connections. I want to be able to telnet into my machine from
Drew> certain defined addresses (eg from home).
Drew>
Drew> I've added what I thought were the appropriate entries in /etc/hosts.allow:
Drew> ALL: home.machine.edu work.machine.edu
The companion is /etc/hosts.deny which probably should contain "ALL: ALL"
(which is then relaxed via hosts.allow).
Drew> I also tried specifying
Drew> AllowHosts home.machine.edu work.machine.edu
Drew> in /etc/ssh/sshd_config.
I'm using "AllowHosts *.machine.edu", trusting the other machines on
the network.
Drew> I even added
Drew> sshd: ALL
Drew> for good measure, as mentioned in the ssh docs.
Where? In hosts.allow? I do have "sendmail: all" in there (which is
dumb) but "sshd: ALL" shouldn't be needed.
Drew> But nothing helps! Whenever I attempt to telnet in from work.machine (not
Drew> it's real name), I get:
Drew> Connected to strider [my machine].
Drew> Debian GNU/Linux potato strider
Drew> login: permission denied
Drew> Terminated
As others have pointed out, this is not an ssh problem. The
configuration of the /etc/hosts.* file should allow you to telnet to
your machine. But then, you _should'nt_ use telnet.
Drew> No permission! Even though hosts.allow is set explicitly (and I even
Drew> removed hosts.deny for good measure).
Drew> Can anyone offer any better suggestions? Downgrade back to slink?
Try 'ssh -v' and let us know what ssh is unhappy about.
Have you looked into /etc/hosts.equiv (bad) and /etc/ssh/shosts.equiv (good)?
-tom
Reply to: