Hi all, I'm pretty new to CentOS. I am working with a newly set-up server: [cbearden at host ~]$ lsb_release -a LSB Version: :core-4.0-amd64:core-4.0-noarch:graphics-4.0-amd64:graphics-4.0-noarch:printing-4.0-amd64:printing-4.0-noarch Distributor ID: CentOS Description: CentOS release 6.3 (Final) Release: 6.3 Codename: Final I'm trying to solve this problem (X11 forwarding) http://thread.gmane.org/gmane.linux.centos.general/119342/focus=119347 for myself. But disabling ipv6 and adding AddressFamily inet to my sshd config didn't fix the problem. Oddly enough, the output of netstat -an suggests that ipv6 is still enabled: tcp 0 0 :::22 :::* LISTEN even though [cbearden at PostgreSQL ~]$ cat /proc/sys/net/ipv6/conf/all/disable_ipv6 1 This is after a reboot. Am I right that the /proc file suggests that ipv6 is disabled while netstat suggests that it isn't? Thanks, Chuck -- Chuck Bearden Programmer Analyst IV The University of Texas Health Science Center at Houston School of Biomedical Informatics Email: Charles.F.Bearden at uth.tmc.edu Phone: 713.500.9672
Charles Bearden wrote:> Hi all, > > I'm pretty new to CentOS. I am working with a newly set-up server: > > [cbearden at host ~]$ lsb_release -a > LSB Version: > :core-4.0-amd64:core-4.0-noarch:graphics-4.0-amd64:graphics-4.0-noarch:printing-4.0-amd64:printing-4.0-noarch > Distributor ID: CentOS > Description: CentOS release 6.3 (Final) > Release: 6.3 > Codename: Final > > I'm trying to solve this problem (X11 forwarding) > http://thread.gmane.org/gmane.linux.centos.general/119342/focus=119347 > for myself. > > But disabling ipv6 and adding > > AddressFamily inet > > to my sshd config didn't fix the problem. Oddly enough, the output of > > netstat -an > > suggests that ipv6 is still enabled:<snip> What's it saw about V6INIT in /etc/sysconfig/network-scripts/ifcfg-<whatever>? mark
$ cat /etc/modprobe.d/ipv6.conf options ipv6 disable=1
On 11/28/2012 12:25 PM, Charles Bearden wrote:> Hi all, > > I'm pretty new to CentOS. I am working with a newly set-up server: > > [cbearden at host ~]$ lsb_release -a > LSB Version: > :core-4.0-amd64:core-4.0-noarch:graphics-4.0-amd64:graphics-4.0-noarch:printing-4.0-amd64:printing-4.0-noarch > Distributor ID: CentOS > Description: CentOS release 6.3 (Final) > Release: 6.3 > Codename: Final > > I'm trying to solve this problem (X11 forwarding) > http://thread.gmane.org/gmane.linux.centos.general/119342/focus=119347 > for myself. > > But disabling ipv6 and adding > > AddressFamily inet > > to my sshd config didn't fix the problem. Oddly enough, the output of > > netstat -an > > suggests that ipv6 is still enabled: > > tcp 0 0 :::22 :::* LISTEN > > even though > > [cbearden at PostgreSQL ~]$ cat /proc/sys/net/ipv6/conf/all/disable_ipv6 > 1 > > This is after a reboot. Am I right that the /proc file suggests that ipv6 is > disabled while netstat suggests that it isn't? > > Thanks, > Chuckhttp://wiki.centos.org/FAQ/CentOS6#head-d47139912868bcb9d754441ecb6a8a10d41781df -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20121128/438a5082/attachment-0001.sig>
On 11/28/2012 12:45 PM, Johnny Hughes wrote:> On 11/28/2012 12:25 PM, Charles Bearden wrote: >> Hi all, >> >> I'm pretty new to CentOS. I am working with a newly set-up server: >> >> [cbearden at host ~]$ lsb_release -a >> LSB Version: >> :core-4.0-amd64:core-4.0-noarch:graphics-4.0-amd64:graphics-4.0-noarch:printing-4.0-amd64:printing-4.0-noarch >> Distributor ID: CentOS >> Description: CentOS release 6.3 (Final) >> Release: 6.3 >> Codename: Final >> >> I'm trying to solve this problem (X11 forwarding) >> http://thread.gmane.org/gmane.linux.centos.general/119342/focus=119347 >> for myself. >> >> But disabling ipv6 and adding >> >> AddressFamily inet >> >> to my sshd config didn't fix the problem. Oddly enough, the output of >> >> netstat -an >> >> suggests that ipv6 is still enabled: >> >> tcp 0 0 :::22 :::* LISTEN >> >> even though >> >> [cbearden at PostgreSQL ~]$ cat /proc/sys/net/ipv6/conf/all/disable_ipv6 >> 1 >> >> This is after a reboot. Am I right that the /proc file suggests that ipv6 is >> disabled while netstat suggests that it isn't? >> >> Thanks, >> Chuck > > http://wiki.centos.org/FAQ/CentOS6#head-d47139912868bcb9d754441ecb6a8a10d41781dfThanks to Mark, Barry, and Johnny for their swift responses. I tried the steps at the wiki page above, but no joy. In particular, when I restart sshd, it appears that the 'stop' part fails: # /etc/init.d/sshd restart Stopping sshd: [FAILED] Starting sshd: [ OK ] Despite altering both values via sysctl and adding the AddressFamily line and uncommenting ListenAddress 0.0.0.0, sshd appears still to be listening on :::22. Other processes are still listening on ipv6-bound ports as well. Do I need to explicitly remove the ipv6 kernel module? I probably can't while some daemons are bound to ::: ports. Sorry if I'm being dense here. I don't know if this makes any difference, but the CentOS system is running in a VM. It's not a setup I chose or ultimately control. Thanks, Chuck -- Chuck Bearden Programmer Analyst IV The University of Texas Health Science Center at Houston School of Biomedical Informatics Email: Charles.F.Bearden at uth.tmc.edu Phone: 713.500.9672