similar to: SSH connection hangs with ipchains/RH6.2/OpenSSH 2.5.1p1 (butnot <= 2.3.0p1)

I just recently installed OpenSSH 2.5.1p1 on a RH6.2 box (kernel 2.2.17). I run ipchains to do packet filtering, allowing incoming connections only to 22 and 80 (and some other ports for specific machines). I was able to run prior versions of openssh in this fashion (I've run it from the first release, I think). Upon installing 2.5.1p1 I found that my attempts to connect hang, here is ssh

Which is why I always symlink /etc/localtime Not only does it solve these issues, but it makes it very clear which timezone is selected! -----Original Message----- From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On Behalf Of Aleksandar Milivojevic Sent: Monday, November 07, 2005 2:45 PM To: centos at centos.org Subject: Re: [CentOS] New Standard/Daylight time-change

The laws already exist: Disturbing the peace, Misappropriation of public funds, Prohibition on unfunded mandates. What's lacking is prosecutors, judges, and juries who see the politicians as getting in the way of the statesmen and the people. To drag this back towards On Topic, it seems to me that the ntp folks might be petitioned to write up and submit to the Congress, a paper

We have come across a problem with OpenSSH 2.3.0p1 (and still in 2.5.1p1) which affect authentication on an AIX 4.3 system. The code in auth-passwd.c at line 168 reads: #ifdef WITH_AIXAUTHENTICATE return (authenticate(pw->pw_name,password,&reenter,&authmsg) == 0); #endif however, the AIX manual page for "authenticate" states: "The authenticate subroutine maintains

Hi, I'm running OpenSSH 1.2.3 here on assorted Solaris and Linux machines. On the Linux machines, users are able to ssh back and forth among the machines without a password assuming proper .shosts files, but root is never able to do the same: it always gets prompted for a password. I'm using RH6.2 here. I've tried fiddling with PAM, /etc/securetty, /etc/hosts.equiv, all to no

Hi, I installed libogg-1.0beta4.tar.gz on a Cobalt server (Red Hat 6.2) and also installed libao-0.6.0.tar.gz for good measure. I just did a plain ./configure make make install When I come to install libvorbis-1.0beta4 I get *** Could not run Ogg test program, checking why... *** The test program compiled, but did not run. This usually means *** that the run-time linker is not finding Ogg or

http://bugzilla.mindrot.org/show_bug.cgi?id=251 Summary: openssh-3.2.2p1-1.src.rpm won't build under RH6.2 Product: Portable OpenSSH Version: -current Platform: ix86 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: Build system AssignedTo: openssh-unix-dev at mindrot.org

http://bugzilla.mindrot.org/show_bug.cgi?id=251 ------- Additional Comments From seba at iq.pl 2002-05-20 09:29 ------- update bug info error at link time: i386-redhat-linux-gcc -o ssh ssh.o sshconnect.o sshconnect1.o sshconnect2.o sshtty.o readconf.o clientloop.o -L. -Lopenbsd-compat/ -L/usr/kerberos/lib -l ssh -lopenbsd-compat -lresolv -lutil -lz -lnsl /usr/lib/libcrypto.a -lkrb5

Hi- I heard about a bug in ipchains, could you please tell me what to do? Thanks

Hi stef; imq patch of 2.2.17 form http://luxik.cdi.cz/~devik/qos/imq.htm diff against 2.2.17 Can you tell me how imq work with ipchains? thanks for your help regards, haipe _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

I have an Asterisk PBX behind a 'manually-built' IPCHAINS firewall machine. Can anyone tell me what I need to allow/build QOS packet rewrites through this simple NAT barrier? What do I need to pass to IPCHAINS to let QOS out to the next outside network hop? I ask this, because I have been getting intermittent jitter from my provider (TELIAX), and since it seems near-impossible to

How can I tell if its running? Where is the default location? Thanks.. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20080528/647f6634/attachment-0005.html>

Just a quick word - I spent two days trying to get Samba to work. The whole problem was a lack of knowledge about ipchains (firewall). It was part of the RH7.1 install package, and the medium security setting stops all tcp and udp traffic for a lot of ports, including those needed for NetBIOS (137-139) It is pretty easy to fix, the IPCHAINS-HOWTO is a good and humorous read, and by the end of

Hello David, After some experiments and discussions I came to the following result concerning private NT-Box connecting to a LAN via ipchains and using all NETBIOS services (incl. domain-logon): Cross-subnet browsing with NETBIOS could only be done by a local master browser in the private net. I first thought of using Samba on the Linux router for that. But the Samba service would have to use

To all those that wanted to know how I was filtering particular ICMP packets here is a few snippets from my firewall script which is based on one by Ian Hall-Beyer. I hope this helps you get started. Also note the output of the command: ipchains -h icmp Shawn Mitchell mentioned blocking all ICMP echos and especially broadcast echos. Perhaps he''d care to elaborate with a similar

Howdy, I tried tackling this on irc with Ivo, but I suspect that irc may really not be the best medium for technical discussions, so I'll reprise it here. I am trying to duplicate the "tinc from behind a masquerading firewall" example from the tinc web site: (home) <--> (masquerading firewall) <--> (office) 192.168.1.21 192.168.1.1/1.2.3.4

Hi Raymond, I also struggled 3 days to set up a direct connection between a RH7.3 box and a WinME box with a crossover cable for experiment and met with frustration. The setup of WinME box has no problem and it can connect to other Win boxes for file sharing. IP Address RH7.3 192.168.0.1 WinME 192.168.0.2 Ping started connecting but both boxes can't see each another. I also doubt

I have a couple questions that I will submit separately. When I have IPchains running I can't get my samba box to show up in network neighborhood, but when I turn ipchains off the box shows up. What rules do I need to add for things to work properly? -- Raymond Norton Little Crow Telemedia Network 320-234-0270

Hello, I did a quick change to the patched port of poppassd and am wondering if you think my code would introduce any potential problems. The idea is right after we check if the username exists, also check if the UID of that username is over 1000. I wanted to make sure that no one monkeys around with priveleged users once poppassd is running. So, the middle chunk of code is mine, everything

---------- Forwarded message ---------- Received: from lists.securityfocus.com (lists.securityfocus.com [216.102.46.4]) by blues.jpj.net (right/backatcha) with SMTP id VAA15167 for <trevor@JPJ.NET>; Tue, 27 Jul 1999 21:17:48 -0400 (EDT) Received: (qmail 28179 invoked from network); 27 Jul 1999 19:14:06 -0000 Received: from lists.securityfocus.com (216.102.46.4) by lists.securityfocus.com