Hi, I've a Solaris 8 with Openshh 3.0.1 (build with these parameters --prefix=/usr/local --without-rsh --disable-suid-ssh --sysconfdir=/usr/local/etc --with-ssl-dir=/usr/local/ssl --with-tcp-wrappers). If I come from the same subnet as the server is on, I've have no problems. But When I try via the Internet I doesn't. If I run snoop I can see I get contact with the server: 193.234.247.50 -> imsdemo1 TCP D=22 S=20094 Syn Seq=2899242921 Len=0 Win=163 84 Options=<mss 1360,nop,nop,sackOK> My /var/adm/messages show me this: Nov 12 16:47:48 imsdemo1 sshd[29929]: [ID 800047 auth.error] error: Bind to port 22 on 193.234.247.50 failed: Cannot assign requested address. Nov 12 16:47:48 imsdemo1 sshd[29929]: [ID 800047 auth.crit] fatal: Cannot bind a ny address. Nov 12 16:50:26 imsdemo1 sshd[34]: [ID 800047 auth.crit] fatal: Read from socket failed: Connection reset by peer Hope someone can help me __________________________________________________ Best regards/ Med venlig hilsen Jan Bymark System Consultant TELECOM MEDIA NETWORKS Cap Gemini TMN Group Denmark A/S Oernegaardsvej 16 DK-2820 Gentofte Denmark <?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" /> (+45 39 77 84 76 (direct line) (+45 70 11 22 01 (office) (+45 70 11 22 01 (fax) * jan.bymark at capgemini.dk <mailto:jan.bymark at capgemini.dk> " http://www.cgey.com/tmn "We make you outstanding in a connected world" __________________________________________________ This message contains information that may be privileged or confidential and is the property of the Cap Gemini Ernst & Young Group. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain, copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20011113/6156b370/attachment.html -------------- next part -------------- A non-text attachment was scrubbed... Name: CGltbg.GIF Type: image/gif Size: 2038 bytes Desc: not available Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20011113/6156b370/attachment.gif
Hi, Is there someone how can help me with this problem?? Hi, I've a Solaris 8 with Openshh 3.0.1 (build with these parameters --prefix=/usr/local --without-rsh --disable-suid-ssh --sysconfdir=/usr/local/etc --with-ssl-dir=/usr/local/ssl --with-tcp-wrappers). If I come from the same subnet as the server is on, I've have no problems. But When I try via theI nternet I doesn't. If I run snoop I can see I get contact with the server: 193.234.247.50 -> imsdemo1 TCP D=22 S=20094 Syn Seq=2899242921 Len=0 Win=163 84 Options=<mss 1360,nop,nop,sackOK> My /var/adm/messages show me this: Nov 12 16:47:48 imsdemo1 sshd[29929]: [ID 800047 auth.error] error: Bind to port 22 on1 93.234.247.50 failed: Cannot assign requested address. Nov 12 16:47:48i msdemo1 sshd[29929]: [ID 800047 auth.crit] fatal: Cannot bind a ny address. Nov 12 16:50:26 imsdemo1 sshd[34]: [ID 800047 auth.crit] fatal: Read from socket failed: Connection reset by peer Hope someone can help me __________________________________________________ Best regards/ Med venlig hilsen Jan Bymark System Consultant TELECOM MEDIA NETWORKS Cap Gemini TMN Group Denmark A/S Oernegaardsvej 16 DK-2820 Gentofte Denmark (+45 39 77 84 76 (direct line) (+45 70 11 22 01 (office) (+45 70 11 22 01 (fax) * jan.bymark at capgemini.dk <mailto:jan.bymark at capgemini.dk> " http://www.cgey.com/tmn "We make you outstanding in a connected world" __________________________________________________ This message contains information that may be privileged or confidential and is the property of the Cap Gemini Ernst & Young Group. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain, copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20011115/349698ae/attachment.html -------------- next part -------------- A non-text attachment was scrubbed... Name: CGltbg.GIF Type: image/gif Size: 2038 bytes Desc: not available Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20011115/349698ae/attachment.gif
To close the loop for the list on this, the problem was that the Solaris box running sshd did not have a default route--so traffic worked fine on the local subnet but *no* traffic worked correctly between the system and other systems in other parts of the 'net. It wasn't an SSH problem at all--and as a data point for everyone, we've been removing the SetUID root bit on our ssh installations for years and we've never had a problem. Unless you're trying to work with RhostsAuthentication, I don't recommend turning off --disable-suid-ssh as part of your troubleshooting process. -- Rip Loomis Senior Systems Security Engineer SAIC Center for Information Security Technology> > I've a Solaris 8 with Openshh 3.0.1 (build with these parameters > > --prefix=/usr/local --without-rsh --disable-suid-ssh > ^^^^^^^^^^^^^^^^^^ > Take this out and try again. > > > --sysconfdir=/usr/local/etc --with-ssl-dir=/usr/local/ssl > > --with-tcp-wrappers). If I come from the same subnet as the > server is on, > > I've have no problems. But When I try via theI nternet I > doesn't. If I run > > snoop I can see I get contact with the server: >
Maybe Matching Threads
- problem with make on solaris 8 and openssh 3.0p1
- Trackmania through steam
- Creating performance test fixtures from development db? How?
- Newbie AJAX validation problem. How do I validate field and color field on error
- Ruby on Rails as rapid prototyping tool