unable to get connection thru firewall
Loomis, Rip
GILBERT.R.LOOMIS at saic.com
Sat Nov 17 02:38:34 EST 2001
To close the loop for the list on this, the problem
was that the Solaris box running sshd did not have
a default route--so traffic worked fine on the local
subnet but *no* traffic worked correctly between the
system and other systems in other parts of the 'net.
It wasn't an SSH problem at all--and as a data point
for everyone, we've been removing the SetUID root bit
on our ssh installations for years and we've never
had a problem. Unless you're trying to work with
RhostsAuthentication, I don't recommend turning off
--disable-suid-ssh as part of your troubleshooting
process.
--
Rip Loomis
Senior Systems Security Engineer
SAIC Center for Information Security Technology
> > I've a Solaris 8 with Openshh 3.0.1 (build with these parameters
> > --prefix=/usr/local --without-rsh --disable-suid-ssh
> ^^^^^^^^^^^^^^^^^^
> Take this out and try again.
>
> > --sysconfdir=/usr/local/etc --with-ssl-dir=/usr/local/ssl
> > --with-tcp-wrappers). If I come from the same subnet as the
> server is on,
> > I've have no problems. But When I try via theI nternet I
> doesn't. If I run
> > snoop I can see I get contact with the server:
>
More information about the openssh-unix-dev
mailing list