  1. #1
    Linux User Allblack's Avatar
    Join Date
    May 2003
    Location
    Godzone
    Posts
    416

    SSH configuration


    I had an old P200 sitting under my desk and decided to install RH8 on it. I opted for the server install and basically went for the default settings.
    SSH is running and the machine is listening on port 22 but I can't get in.

    I have chosen medium security and if I am not mistaken that blocks port 22. I don't have any graphical functionality on this machine and redhat-config-securitylevel does not work. Is there an easy way to open this port?

    Do I have to manually edit iptables? What do I need to do?

  2. #2
    Linux Guru
    Join Date
    Oct 2001
    Location
    Täby, Sweden
    Posts
    7,578
    You'll probably need to edit your iptables config manually, yes. Unfortunately, I don't know where these firewall configurators save their configuration, but I do know that RedHat's standard iptables configuration file name is /etc/sysconfig/iptables. Check that file and see if there is anything usable in there.

  3. #3
    Linux User
    Join Date
    May 2003
    Location
    CA
    Posts
    370
    hi

    I installed redhat9 with medium security and ssh and it allowed me in.
    Are you sure you have to modify iptables to release port 22??
    Are you trying to login as root or as a normal user?
    Is ssh listening on port 22 in the first place?

  5. #4
    Linux Newbie
    Join Date
    Apr 2003
    Location
    UK, Manchester
    Posts
    147
    From the server, run:

    iptables -L

    That will list what rules are currently running. Check the man page for iptables on how to edit/replace rules. You will need to edit the iptables script so that the effects are permanent.
    It is most likely in the place that Dolda has previously posted.

    If you are confused with how to edit the rules just ask, the man page is quite informative but can be a bit overwhelming.

    btw - Are you getting an error or is your connection just timing out?

  6. #5
    Linux User Allblack's Avatar
    Join Date
    May 2003
    Location
    Godzone
    Posts
    416
    SSH is listening on port 22 and I get a connection reset error.

    I did some reading on iptables and tried to add some commands which then show up when I run iptables -L .

    I added -A INPUT -s 192.168.1.25 -j ACCEPT and I believe this should accept everything if I am not mistaken.

    It still didn't let me in. I wonder if it is conflicting with Chain RH-Lokkit?

    Can someone explain what /etc/sysconfig/iptables is for? I thought that was the configuration file but the stuff you see under iptables -L is a lot different. It's quite confusing for someone who is new to iptables I guess.

  7. #6
    Linux User Allblack's Avatar
    Join Date
    May 2003
    Location
    Godzone
    Posts
    416
    Looks like I got it to work. In my INPUT chain was a reference to the RH-Lokkit chain and I guessed that passed it on to that chain, which blocked it.
    I flushed that chain. Can someone show me the location of Dolda's post on saving the configuration?

    Cheers

  8. #7
    Linux Guru
    Join Date
    Oct 2001
    Location
    Täby, Sweden
    Posts
    7,578
    You should probably add a specific rule to let port 22 through instead, for a more stable configuration. Try this:
    Code:
    iptables -I INPUT -p tcp --dport 22 -j ACCEPT
    The save format for iptables is very different from what you see when you use iptables -L. Can you give a sample from it (or the entire file, preferably), so that I can validate it?
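
Why the rule appended in post #5 had no effect while the rule inserted in post #7 works, as an added example that is not part of the original thread: iptables acts on the first terminating match, and a rule added with -A lands after the INPUT chain's jump to the Lokkit chain. The rulesets are constructed, in the save format used by /etc/sysconfig/iptables; the full chain name RH-Lokkit-0-50-INPUT and its REJECT rule are assumptions.

```sh
#!/bin/sh
# Added example, not from the thread. Rulesets below are constructed, in
# iptables-save format; RH-Lokkit-0-50-INPUT and its REJECT rule are assumed.
HEAD='*filter
:INPUT ACCEPT [0:0]
:RH-Lokkit-0-50-INPUT - [0:0]'
JUMP='-A INPUT -j RH-Lokkit-0-50-INPUT'
LOKKIT='-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --syn -j REJECT'
BY_SRC='-A INPUT -s 192.168.1.25 -j ACCEPT'
SSH='-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT'
# ruleset LINE...: print the header, the given rule lines, and COMMIT.
ruleset() { printf '%s\n' "$HEAD" "$@" COMMIT; }

# verdict SRC DPORT: read a ruleset on stdin, print the first terminating rule a
# new TCP connection hits. Only -s, -p, --dport, -j are evaluated; rest ignored.
verdict() {
    awk -v src="$1" -v dport="$2" '
    /^:/  { sub(/^:/, "", $1); policy[$1] = $2; next }
    /^-A/ { n[$2]++; rule[$2, n[$2]] = $0 }
    function matches(r,    f, k, i, s) {
        k = split(r, f, " ")
        for (i = 3; i < k; i++) {
            if (f[i] == "-s") { s = f[i+1]; sub(/\/32$/, "", s); if (s != src) return 0 }
            if (f[i] == "-p" && f[i+1] != "tcp") return 0
            if (f[i] == "--dport" && f[i+1] != dport) return 0
        }
        return 1
    }
    function target(r,    f, k, i) {
        k = split(r, f, " ")
        for (i = 1; i < k; i++) if (f[i] == "-j") return f[i+1]
        return ""
    }
    function walk(chain,    i, t, v) {
        for (i = 1; i <= n[chain]; i++) {
            if (!matches(rule[chain, i])) continue
            t = target(rule[chain, i])
            if (t == "ACCEPT" || t == "DROP" || t == "REJECT") return t ": " rule[chain, i]
            if (t in n) { v = walk(t); if (v != "") return v }
        }
        return ""
    }
    END { v = walk("INPUT"); print (v != "" ? v : policy["INPUT"] ": chain policy") }'
}
# Post #5: rule appended with -A, so it sits after the jump to the Lokkit chain.
appended() { ruleset "$JUMP" "$BY_SRC" "$LOKKIT" | verdict 192.168.1.25 22; }
# Post #7: rule inserted with -I, so it is saved as the first INPUT rule.
inserted() { ruleset "$SSH" "$JUMP" "$LOKKIT" | verdict 192.168.1.25 22; }
appended; inserted
```

On Red Hat, `service iptables save` writes the running rules to /etc/sysconfig/iptables in this format.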

  9. #8
    Linux User Allblack's Avatar
    Join Date
    May 2003
    Location
    Godzone
    Posts
    416
    I would definitely make it more stable if it was a production server. I am just using this one to learn so it's ok if I screw up.

    I still don't understand the /etc/sysconfig/iptables file completely.
    I assume it stores the changes you make with iptables command?

    On my home machine I am not using the iptables firewall as I have a hardware router. The /etc/sysconfig/iptables does not exist and iptables -L shows empty chains.

    If I add some rules, would the /etc/sysconfig/iptables file be created?
    How do you save the changes as it looks like you need to run /etc/sysconfig/iptables save.

    Thanx

  10. #9
    Linux User
    Join Date
    May 2003
    Location
    CA
    Posts
    370
    So does this mean that if I get a pc and install redhat on it along with ssh and iptables, I won't be able to ssh to it because iptables blocks that port?

  11. #10
    Linux User Allblack's Avatar
    Join Date
    May 2003
    Location
    Godzone
    Posts
    416
    Quote Originally Posted by nikhil
    So does this mean that if I get a pc and install redhat on it along with ssh and iptables, I won't be able to ssh to it because iptables blocks that port?
    I think that's what happened to me. I have opted for medium security and I was unable to SSH into it. Don't take my word for it though as I have no Linux experience.
