Now that I have sshd running on the new server and I can connect to it from another PC on my LAN, I know that it should work. I have setup port 80, 8000 and 21 to forward to 22 on the server, but none allow me to connect with Putty from work. Those that remember, I had narrowed it down to port 80 being unblocked on outbound and POSSIBLY port 21. I just want the ability to sftp a few small files to it, enable new functions and test the webserver in general. The rules are set up in IPCop correctly. I am about to resign myself to the fact that there is no way to do this unless there is some other package that I can put on the server to allow remote access via port 80 or 443 (https).
Anybody know of something like webmin that comes by default to work on 443 and then allows you to ssh or ftp? I feel really stupid. The next step I will try is to put webmin on 443 instead of 10000 or whatever it is set by default, but I'm not confident.
I probably need to leave my current port forwarding rules until LUG meeting night to see if I can get in remotely from another location. This has been a testing nightmare for me.
Brian Kelsay
Your forwarding 3 ports, to 1 port? I dont believe thats a workable solution, if you forward port 80 on the external machine, to 22 on the internal machine, and set putty to connect to port 80 for an ssh/scp connection you can transfer your files. But AFAIK (and IANA tcpi/ip expert) you cannot have the 3 services listening on the same port on the same protocol (e.g. you could have one on udp and one on tcp) Surely there will be some others that will chime in with a more accurate answer.
On Thu, 30 Sep 2004 13:04:01 -0500, Brian Kelsay brian.kelsay@kcc.usda.gov wrote:
Now that I have sshd running on the new server and I can connect to it from another PC on my LAN, I know that it should work. I have setup port 80, 8000 and 21 to forward to 22 on the server, but none allow me to connect with Putty from work. Those that remember, I had narrowed it down to port 80 being unblocked on outbound and POSSIBLY port 21. I just want the ability to sftp a few small files to it, enable new functions and test the webserver in general. The rules are set up in IPCop correctly. I am about to resign myself to the fact that there is no way to do this unless there is some other package that I can put on the server to allow remote access via port 80 or 443 (https).
Anybody know of something like webmin that comes by default to work on 443 and then allows you to ssh or ftp? I feel really stupid. The next step I will try is to put webmin on 443 instead of 10000 or whatever it is set by default, but I'm not confident.
I probably need to leave my current port forwarding rules until LUG meeting night to see if I can get in remotely from another location. This has been a testing nightmare for me.
Brian Kelsay
Kclug mailing list Kclug@kclug.org http://kclug.org/mailman/listinfo/kclug
On Thursday 30 September 2004 01:04 pm, Brian Kelsay wrote:
Now that I have sshd running on the new server and I can connect to it from another PC on my LAN, I know that it should work. I have setup port 80, 8000 and 21 to forward to 22 on the server, but none allow me to connect with Putty from work. Those that remember, I had narrowed it down to port 80 being unblocked on outbound and POSSIBLY port 21. I just want the ability to sftp a few small files to it, enable new functions and test the webserver in general. The rules are set up in IPCop correctly. I am about to resign myself to the fact that there is no way to do this unless there is some other package that I can put on the server to allow remote access via port 80 or 443 (https).
Anybody know of something like webmin that comes by default to work on 443 and then allows you to ssh or ftp? I feel really stupid. The next step I will try is to put webmin on 443 instead of 10000 or whatever it is set by default, but I'm not confident.
I probably need to leave my current port forwarding rules until LUG meeting night to see if I can get in remotely from another location. This has been a testing nightmare for me.
What I've found I needed to do to allow PuTTY and WinSCP clients to connect is to change the sshd config. These are the options I needed to change, keep in mind this has been on SuSE 9.x, your distribution may vary.
/etc/ssh/sshd_config: #PasswordAuthentication no #PermitEmptyPasswords no UsePAM yes
Why don't you just change your sshd config file to use port 443, then the encrypted traffic won't throw up any flags to the firewall admins.
James Riley, CISSP ECC 816.737.6951
"Brian Kelsay" Brian.Kelsay@kcc.usda.gov Sent by: kclug-bounces@kclug.org 09/30/2004 01:04 PM
To kclug@kclug.org cc
Subject still no ssh access
Now that I have sshd running on the new server and I can connect to it from another PC on my LAN, I know that it should work. I have setup port 80, 8000 and 21 to forward to 22 on the server, but none allow me to connect with Putty from work. Those that remember, I had narrowed it down to port 80 being unblocked on outbound and POSSIBLY port 21. I just want the ability to sftp a few small files to it, enable new functions and test the webserver in general. The rules are set up in IPCop correctly. I am about to resign myself to the fact that there is no way to do this unless there is some other package that I can put on the server to allow remote access via port 80 or 443 (https).
Anybody know of something like webmin that comes by default to work on 443 and then allows you to ssh or ftp? I feel really stupid. The next step I will try is to put webmin on 443 instead of 10000 or whatever it is set by default, but I'm not confident.
I probably need to leave my current port forwarding rules until LUG meeting night to see if I can get in remotely from another location. This has been a testing nightmare for me.
Brian Kelsay
_______________________________________________ Kclug mailing list Kclug@kclug.org http://kclug.org/mailman/listinfo/kclug
On Thursday 30 September 2004 01:04 pm, Brian Kelsay wrote:
Now that I have sshd running on the new server and I can connect to it from another PC on my LAN, I know that it should work.
Have you tried connecting to the firewall itself with ssh? What kind of WAN connection do you have? I was unable to connect to a system that was on an SBC PPPoE modem. I think the problem was with the PPPoE connection, but I never did track it down.