|
|
|
|
|
|
|||||||
| Linux, UNIX, Open Source Rat & Tat bei Problemen und Fragen rund um GNU/Linux, BSD und sonstige UNIXe |
|
|
Themen-Optionen | Ansicht |
17.07.2005, 15:21
|
#1 |
|
Elite
 Registriert seit: 01.07.2000
Alter: 41
Beiträge: 1.400
 |
SSH Problem
Hallo,
ich hab unter der IP 194.208.223.90 einen Debian-Server, auf dem auch SSH läuft. Aus dem lokalem Netz komme ich (auch mit der öffentlichen IP) ohne Probleme auf den Server aber nicht aus dem Internet. Eigentlich müssten alle Ports korrekt weitergeleitet sein, nmap liefert nämlich: Code:
Starting nmap 3.75 ( http://www.insecure.org/nmap/ ) at 2005-06-28 18:51 UTC Interesting ports on 194-208-223-090.TELE.NET (194.208.223.90): (The 1649 ports scanned but not shown below are in state: closed) PORT STATE SERVICE 20/tcp filtered ftp-data 21/tcp filtered ftp 22/tcp open ssh 25/tcp filtered smtp 80/tcp open http 110/tcp filtered pop3 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 143/tcp filtered imap 443/tcp filtered https 465/tcp filtered smtps 993/tcp filtered imaps 8080/tcp open http-proxy Meine sshd_config: Code:
# Package generated configuration file # See the sshd(8) manpage for details # What ports, IPs and protocols we listen for Port 22 # Use these options to restrict which interfaces/protocols sshd will bind to #ListenAddress :: ListenAddress 194.208.223.90 Protocol 2 # HostKeys for protocol version 2 HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_dsa_key #Privilege Separation is turned on for security UsePrivilegeSeparation yes # Lifetime and size of ephemeral version 1 server key KeyRegenerationInterval 3600 ServerKeyBits 768 # Logging SyslogFacility AUTH LogLevel INFO # Authentication: LoginGraceTime 600 PermitRootLogin no StrictModes yes RSAAuthentication yes PubkeyAuthentication yes #AuthorizedKeysFile %h/.ssh/authorized_keys # Don't read the user's ~/.rhosts and ~/.shosts files IgnoreRhosts yes # For this to work you will also need host keys in /etc/ssh_known_hosts RhostsRSAAuthentication no # similar for protocol version 2 HostbasedAuthentication no # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication #IgnoreUserKnownHosts yes # To enable empty passwords, change to yes (NOT RECOMMENDED) PermitEmptyPasswords no # Change to no to disable s/key passwords #ChallengeResponseAuthentication yes # Change to yes to enable tunnelled clear text passwords PasswordAuthentication yes # To change Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #AFSTokenPassing no #KerberosTicketCleanup no # Kerberos TGT Passing does only work with the AFS kaserver #KerberosTgtPassing yes X11Forwarding no X11DisplayOffset 10 PrintMotd no PrintLastLog yes KeepAlive yes #UseLogin no #MaxStartups 10:30:60 #Banner /etc/issue.net ubsystem sftp /usr/lib/sftp-server UsePAM yes TIA, Nestrus
____________________________________
"reden 2 unsinn im wcm forum, meint der dritte is eh offtopic" (Gifty am 14. Apr 2002 um 22:47 in " WCM Rat & Tat Forum > Meinung > Guru, e-Zitate & Off Topic > Kommt ein Mann zum Arzt...") |
|
|
| Aktive Benutzer in diesem Thema: 1 (Registrierte Benutzer: 0, Gäste: 1) | |
|
|
Baum-Darstellung