
#1 2007-01-19 06:45:20

mrjwalsh
Member
Registered: 2007-01-08
Posts: 52

hosts allow sshd issue[SOLVED]

Hi all,
I seem to have an issue ssh'ing to my new arch box, it says I'm not allowed access even when I add my IP address to hosts.allow .

It's not unlike some problems I've read about here as when I put in sshd : ALL I am granted access, this is not the answer though as I want to restrict IP addresses; I have it set up like that on lots of other machines.

My computer's firewall isn't blocking it but seeing as I'm on a large network I thought my ssh request might be diverting to a router somewhere, before hitting my computer, any way to track it?

Last edited by mrjwalsh (2007-02-06 02:39:19)


#2 2007-01-19 07:09:00

F
Member
Registered: 2006-10-09
Posts: 322

Re: hosts allow sshd issue[SOLVED]

Have you tried running traceroute?


#3 2007-01-19 14:13:05

Snarkout
Member
Registered: 2005-11-13
Posts: 542

Re: hosts allow sshd issue[SOLVED]

IIRC, there's a default entry in hosts.deny for ALL when you first install arch.  You can add a line for ssh in your hosts.allow, or you can add a line for the ip range you want allowed to access services.


Unthinking respect for authority is the greatest enemy of truth.
-Albert Einstein


#4 2007-01-20 20:14:08

quad3d@work
Member
From: Austin, TX
Registered: 2006-12-29
Posts: 81

Re: hosts allow sshd issue[SOLVED]

(alternative)
Here is how I do mine. I set "sshd: ALL: ALLOW" in /etc/hosts.allow and use "AllowGroups ssh" in /etc/ssh/sshd_config. I only added the $USER I want to allow ssh access in group ssh.


#5 2007-01-22 02:56:05

mrjwalsh
Member
Registered: 2007-01-08
Posts: 52

Re: hosts allow sshd issue[SOLVED]

hey guys,
thanks for the replies, it does work with the sshd : ALL bit but what are the security risks with this? I've set norootlogin in ssh, set up my iptables and I can create a group that is allowed to login; so does sshd : ALL still make me more vulnerable to attacks (or attempts?)


#6 2007-01-22 05:28:51

murffatksig
Member
From: Atl
Registered: 2004-05-17
Posts: 358

Re: hosts allow sshd issue[SOLVED]

mrjwalsh wrote:

so does sshd : ALL still make me more vulnerable to attacks (or attempts?)

Well... yes, slightly.  Even if you only allow one IP to connect, I can still do a port scan and see an SSH server running on your machine.  However, if I'm looking to break into someone's machine, I'm looking for telnet, ftp, www, and NETBIOS ports that are open, not SSH.  Know what I'm sayin ;)


"Oh, they have the internet on computers now."


#7 2007-01-22 14:53:10

Snarkout
Member
Registered: 2005-11-13
Posts: 542

Re: hosts allow sshd issue[SOLVED]

I misread your question at first - sorry about that.  Please post the exact entry you are using in your hosts.allow file - you can obscure the IP if you need to.  I imagine your issue is syntax at this point since ALL works - that's pretty strong evidence you don't have an access-list or firewall rule blocking access to that box.  Other thoughts:

Are you sshing from another linux machine?  If so, you can use the -v (or even -vv) switch to get a better idea of what's failing.  What do you see in your logs when you try to connect?  Try running

tail -f /var/log/auth.log

while you try an ssh to that box with the rule in place.  What is kicked out?



#8 2007-01-23 04:30:06

mrjwalsh
Member
Registered: 2007-01-08
Posts: 52

Re: hosts allow sshd issue[SOLVED]

Alrighty Snarkout, I did what you said and within verbose mode I got an output along the lines of this:

Connecting to xxx.xxx.xx.xxx [xxx.xxx.xx.xxx] port 22222
Connection establised
ssh_exchange_identification : Connection closed by remote host


And when I do that tail command on the server I get:
sshd : refused connect from 0.0.0.0


My IP is not 0.0.0.0 so I don't know if that's where I've stuffed up.


#9 2007-01-30 21:55:45

Snarkout
Member
Registered: 2005-11-13
Posts: 542

Re: hosts allow sshd issue[SOLVED]

Is there a reason you're connecting to port 22222?  Are you running a firewall on the server?  Are you using keys rather than password?  It really looks like you're doing a lot more than running sshd on the standard port from what you've posted there.  It'd be helpful if you'd post the entire output of an ssh -vv [server] - obfuscating the IPs is fine.



#10 2007-02-06 02:41:50

mrjwalsh
Member
Registered: 2007-01-08
Posts: 52

Re: hosts allow sshd issue[SOLVED]

Hi Snarkout, thanks for replies; it was my stupid fault as every Linux problem always is, the 'refused connect from 0.0.0.0' was the key, the default listen address was set to 0.0.0.0 so I put the machine's IP address in instead and now I can get ssh direct connections.
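
A simplified model of the hosts.allow / hosts.deny lookup discussed in this thread, added here as an illustration (it is not code from any poster or from tcp_wrappers itself). It shows why a rule naming one client IP stops matching once the daemon reports the peer as 0.0.0.0, while sshd : ALL still matches. The addresses and file contents are constructed, and only ALL, exact-address, trailing-dot prefix and net/mask client patterns are handled.

```python
import ipaddress

def parse_rules(text):
    """Parse 'daemon_list : client_list [: option]' lines; skip comments and blanks."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        fields = [f.strip() for f in line.split(":")]
        if len(fields) < 2:
            continue
        daemons = fields[0].replace(",", " ").split()
        clients = fields[1].replace(",", " ").split()
        rules.append((daemons, clients))   # any third field (e.g. ALLOW) is ignored
    return rules

def client_matches(pattern, addr):
    if pattern == "ALL":
        return True
    if pattern.endswith("."):              # prefix form, e.g. "192.0.2."
        return addr.startswith(pattern)
    if "/" in pattern:                     # net/mask form, e.g. 192.0.2.0/255.255.255.0
        net = ipaddress.ip_network(pattern, strict=False)
        return ipaddress.ip_address(addr) in net
    return pattern == addr                 # exact address

def first_match(rules, daemon, addr):
    for daemons, clients in rules:
        if "ALL" in daemons or daemon in daemons:
            if any(client_matches(c, addr) for c in clients):
                return True
    return False

def access(daemon, addr, allow_text, deny_text):
    """hosts.allow is consulted first, then hosts.deny; no match in either grants."""
    if first_match(parse_rules(allow_text), daemon, addr):
        return "granted"
    if first_match(parse_rules(deny_text), daemon, addr):
        return "refused"
    return "granted"

# Constructed sample files: a deny-all default plus a single allowed client.
HOSTS_DENY = "ALL: ALL\n"
HOSTS_ALLOW = "sshd: 192.0.2.10\n"

if __name__ == "__main__":
    # The client really is 192.0.2.10, but the log in post #8 shows 0.0.0.0.
    for seen_as in ("192.0.2.10", "0.0.0.0"):
        print(seen_as, access("sshd", seen_as, HOSTS_ALLOW, HOSTS_DENY))
```

When a rule that looks correct still produces a refusal, compare the address in the "refused connect from" log line with the address in the rule before changing anything else.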
