Hi Michel,
Hi,
On Tue, 2009-09-22 at 11:01 -0700, Karl Kobata wrote:
I have installed cento 5.3. I enabled the ssh deamon. I have found that 2 options that I normally use does respond as I expect. Has anyone else had similar problems with the following options in sshd_config:
- Port 6666 - if I set the port to anything other than 22 (default),
using ssh -p6666 name at servername
http://lists.centos.org/mailman/listinfo/centos , does not work. Yet if I leave keep
the default, then ssh name at servername
http://lists.centos.org/mailman/listinfo/centos allows me to login.
Did you check your iptables rules ? port 6666 is closed by default. I use a sshd with port 443, so it should work.
Was this the only change you made to change the port? Did you also makes changes in iptables?
- PasswordAuthentication no - if I set this option to "no" (default is
"yes"), and my ssh key is either missing or in error, I will be prompted for user system login password. If this is set to "no", it should not allow me to login if I have not ssh key specified or in error. Has anyone else run into this problem.
Erhm.. I remember it does ask for a password but just doesn't let you in. But I can me mistaken :)
It does ask you for a password, and if you entered your user system password, It will log you in. I am surprised that this failure exists.
Regards, Michel
Hi,
On Tue, 2009-09-22 at 11:01 -0700, Karl Kobata wrote:
I have installed cento 5.3. I enabled the ssh deamon. I have found that 2 options that I normally use does respond as I expect. Has anyone else had similar problems with the following options in sshd_config:
- Port 6666 – if I set the port to anything other than 22 (default),
using ssh –p6666 name at servername, does not work. Yet if I leave keep the default, then ssh name at servername allows me to login.
Did you check your iptables rules ? port 6666 is closed by default. I use a sshd with port 443, so it should work.
Was this the only change you made to change the port?
Yes the only change to change the port in the SSHD.
Did you also makes changes in iptables?
Of course : iptables -I RH-Firewall-1-INPUT -j ACCEPT -p tcp --dport 6666 and after that to make it persistent : service iptables save
for more options : man iptables (which you should read before playing with firewalls).
- PasswordAuthentication no – if I set this option to “no” (default is
“yes”), and my ssh key is either missing or in error, I will be prompted for user system login password. If this is set to “no”, it should not allow me to login if I have not ssh key specified or in error. Has anyone else run into this problem.
Erhm.. I remember it does ask for a password but just doesn't let you in. But I can me mistaken :)
It does ask you for a password, and if you entered your user system password, It will log you in. I am surprised that this failure exists.
I think its not a failure ;)
Regards,
Michel
-
Karl Kobata -
Michel van Deventer