Remote users on external networks unable to connect to the host using F-Secure SSH from their workstations. The Host is installed with openssh-3.4p1 from IBM. Previously the host was installed with F-Secure 1.2.26 and there wasn't any problems. What can we do. I've checked in the sshd_config file and the AllowHosts and Allow Users tags are in there with the host ips and usernames that I wish to allow to the system. Any ideas. Maybe I should return to version 1.2.33 of the vanilla SSH. Please respond. Thanks. Anne Pemberton NASA HQ.
Try using any debug options on f-secure to see what is happing. You can also start sshd using another port, and add the -d options. this will show what the server is seeing. Is f-Secure only using sshv1 and OpenSSH configures to use only sshv2? Look for: Protocol 2,1 in the sshd_config to say use both v1 and v2 Anne Pemberton wrote:> > Remote users on external networks unable to connect to the host using > F-Secure SSH from their workstations. The Host is installed with > openssh-3.4p1 from IBM. > Previously the host was installed with F-Secure 1.2.26 and there wasn't any > problems. > What can we do. > I've checked in the sshd_config file and the AllowHosts and Allow Users > tags are in there with the host ips and usernames that I wish to allow to > the system. > > Any ideas. Maybe I should return to version 1.2.33 of the vanilla SSH.No.> > Please respond. > Thanks. > Anne Pemberton > NASA HQ. > > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev at mindrot.org > http://www.mindrot.org/mailman/listinfo/openssh-unix-dev-- Douglas E. Engert <DEEngert at anl.gov> Argonne National Laboratory 9700 South Cass Avenue Argonne, Illinois 60439 (630) 252-5444
Anne,
Is this a Kerberized environment?? If so then you _must_ use
protocol 1 for the negotiation, as Doug suggested.
Dave
Anne Pemberton wrote:
> Remote users on external networks unable to connect to the host using
> F-Secure SSH from their workstations. The Host is installed with
> openssh-3.4p1 from IBM.
> Previously the host was installed with F-Secure 1.2.26 and there
> wasn't any problems.
> What can we do.
> I've checked in the sshd_config file and the AllowHosts and Allow
> Users tags are in there with the host ips and usernames that I wish to
> allow to the system.
>
> Any ideas. Maybe I should return to version 1.2.33 of the vanilla SSH.
>
> Please respond.
> Thanks.
> Anne Pemberton
> NASA HQ.
>
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
>
>
--
David M. Williams, CISSP Phone: 505-665-8062
Systems Engineer, CCN-2 Fax: 505-667-7428
Los Alamos National Laboratory Email: d_wllms at lanl.gov