-
Senior Member
registered user
SSH - fish, sftp - will settle for anything
I have two computers. Cable modem. Router. Everything connects to internet fine. Now I am trying to get them to talk to each other, well at least be able to pluck files from one to other. I have assured ssh running on both machines. I have been trying ssh myusername@192.168.1.whateverforwhichevermachine. Likewise tried sftp and fish:// in konqueror. I am never rewarded with a password request. Just times out.
I use guarddog as frontend to configure iptables. There is no sftp protocol that I can find (yes, I am blind practically). Where am I going wrong? It seems like it is blocked but I don't know where to unblock it.
Help appreciated - I just want to be able to stop running up and down stairs with disks. Thanks much
-
Senior Member
registered user
1) Turn off your software firewalls.
2) Can each box ping each of the other boxes on your network?
3) ps aux|grep sshd (on each box)
4) Have you configured ssh keys on each box? Easiest way:
$ wget http://kanotix.com/files/fix-ssh.sh
$ chmod +x fix-ssh.sh
# ./fix-ssh.sh
-
Senior Member
registered user
ping does not work. But if I shut off my firewall what is the purpose of it? I might as well use windows. Sad but at least with it I can block outsiders and have a network. I don't think it is right to shut off the firewall. There should be a way to allow this protocol or user without shutting off protection
-
Senior Member
registered user
I did the hokey pokey
yeah hokey pokey and turned myself around. And I still can't network two little puters in linux. Badabingbadabanbadaboom and it is done in windows. But since I don't have any files in windows worth a damn to share between the two puters it is useless. Windows cannot see the linux partitions so there will be no sharing the linux files on the two.
All I want to do is that fishing thing. I have ssh going, I allowed ping in guarddog and I can ping between the two until the cows come home. Still couldn't fish. I uninstalled the firewall for goodness sake. No joy.
But the worst thing? I actually read man pages for iptables. You want to know hell? It is man pages in iptables.
Problem is sftp is apparently a figment of someone's imagination. The protocol doesn't exist to allow (or you would think vice versa) no, I am not kidding. Somewhere along the line of all my linux installs I remember seeing some remote share option that I always shut OFF. Now I can't find the bloody thing.....please help?
-
Senior Member
registered user
Originally Posted by nishtya:
> ping does not work. But if I shut off my firewall what is the purpose of it?

nishtya you need to simplify your life. Turning off the software firewall lets you rule out one more potential snag in the overall networking picture. After you get simple networking established between your machines then you can restart your software firewall. Keep it simple! BTW you ARE already behind a hardware firewall.
OK according to your next post you can now ping between the two boxes. Good. Did you confirm that you have sshd running?
ps aux|grep ssh
OK if that's running did you set up ssh keys as I previously posted?
Oh and I already know that it's easy (and insecure) to set up file sharing in windows. You're trying to set up ssh which is Secure SHell. Note the emphasis on security.
-
Senior Member
registered user
gone fishing
but, I don't know what I did different this time. Even without firewall I couldn't get ssh or fish (is fish using ssh or sftp? - I can't get a handle on sftp) so I reinstalled the firewall. This time it works. Go figure - maybe it was the reboot. Or, I am not sure if I had ssh allowed locally on both before - just internet. So many places to look for things!
I am starting ssh in runlevel 5 on both boxes but it seems to not be working on one, I have to start it manually. Sorting through that. And how to make sure it is secure. I had run kano's script when I installed but ran again to be sure. Is there some way to make ssh only for one machine to another, not allow it from elsewhere? (I wouldn't care to log in from outside - the machines are shut off when I am out anyway). I am more secure in windows because I understand it better though it is inherently less secure (does that make sense?). If I live to be 100 I will never be proficient in linux, when I read man pages it is like Greek to me.
Thanks
-
Senior Member
registered user
Originally Posted by nishtya:
> gone fishing
> but, I don't know what I did different this time. Even without firewall I couldn't get ssh or fish (is fish using ssh or sftp? - I can't get a handle on sftp) so I reinstalled the firewall. This time it works. Go figure - maybe it was the reboot. Or, I am not sure if I had ssh allowed locally on both before - just internet. So many places to look for things!

fish is a virtual file system usable only through Konqueror and mc (AFAIK).

> I am starting ssh in runlevel 5 on both boxes but it seems to not be working on one, I have to start it manually. Sorting through that.

To start a service on boot:
Code:
update-rc.d ssh defaults
To stop a service from starting:
Code:
update-rc.d -f ssh remove

> And how to make sure it is secure.

Start with a good passphrase. You may want to look here for more info on ssh.

> I had run kano's script when I installed but ran again to be sure. Is there some way to make ssh only for one machine to another, not allow it from elsewhere? (I wouldn't care to log in from outside - the machines are shut off when I am out anyway).

If a box does not run the sshd then it is impossible to ssh into that box. Keep in mind that you will *never* be able to ssh into any of your LAN boxes from the outside unless you forward port 22 to a specific i.p. address on your LAN. The same is true of a web server or ftp server etc. You would first need to tell your router to allow access on port 22 then forward port 22 to the i.p. of the box you want to ssh into from the outside.

> I am more secure in windows because I understand it better though it is inherently less secure (does that make sense?). If I live to be 100 I will never be proficient in linux, when I read man pages it is like Greek to me.
> Thanks

Indeed man pages can be a nightmare but you have already gotten your network up and running! Congrats
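
One way to limit inbound SSH to the other LAN machine only, as asked above. This is an added example, not part of the thread; the function names, the `IPT` override and the peer address 192.168.1.101 are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: allow inbound SSH (TCP 22) from one LAN peer only.
# The peer address used below is assumed; run the function as root.
IPT=${IPT:-iptables}        # overridable, so the rules can be previewed

# Succeeds only for a dotted-quad IPv4 address with octets 0-255.
is_ipv4() {
    case $1 in ''|*[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# restrict_ssh_to_peer PEER
# Inserts at the top of INPUT so the pair is evaluated before any broader
# ACCEPT rule that a front end such as guarddog may already have loaded.
restrict_ssh_to_peer() {
    peer=$1
    is_ipv4 "$peer" || { echo "not an IPv4 address: $peer" >&2; return 1; }
    # Inserted first, ends up second: drop SSH from every other source.
    $IPT -I INPUT 1 -p tcp --dport 22 -j DROP || return 1
    # Inserted second, ends up first: accept SSH from the peer.
    $IPT -I INPUT 1 -p tcp --dport 22 -s "$peer" -j ACCEPT
}

# Usage (as root): restrict_ssh_to_peer 192.168.1.101
```

Setting `IPT=echo` prints the two rules instead of loading them. sshd can enforce the same restriction itself with an `AllowUsers user@peer-address` line in sshd_config.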
-
Senior Member
registered user
oh DARN! I spoke too soon. Not working both ways. Only one way, the other I am getting this (it was working last night, really it was)
"@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
(I have cut this out).
Please contact your system administrator.
Add correct host key in /home/nishtya/.ssh/known_hosts to get rid of this message.
Offending key in /home/nishtya/.ssh/known_hosts:1
RSA host key for 192.168.1.100 has changed and you have requested strict checking.
Host key verification failed"
alright, what have I done?
-
Senior Member
registered user
Originally Posted by nishtya:
> alright, what have I done?

Simple. You changed your hostkey. Just do as it tells you and put the correct key in /home/nishtya/.ssh/known_hosts.
Of course since you're only on your home LAN you could always just nuke /home/nishtya/.ssh/known_hosts. When you log in again the file will be recreated. That's just a workaround to make things simple. By no means is it *good* advice although it does work.
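
A narrower fix than deleting the whole file is to swap only the offending entry for a key copied from the server by hand. The sketch below is an added example, not part of the thread; `replace_host_key` and the hand-copied public key file are assumptions, and it handles plain (unhashed) entries only. `ssh-keygen -R 192.168.1.100` is the stock command for dropping a stale entry.

```shell
#!/bin/sh
# Added example: replace only the stale known_hosts entry for one host with
# a key copied from that host by hand (for instance its
# /etc/ssh/ssh_host_rsa_key.pub on a removable disk), keeping other entries.

# replace_host_key KNOWN_HOSTS HOST PUBKEY_FILE
replace_host_key() {
    kh=$1; host=$2; pub=$3
    [ -f "$kh" ] || { echo "no such file: $kh" >&2; return 1; }
    [ -s "$pub" ] || { echo "no verified key supplied" >&2; return 1; }
    # A public key file reads: <type> <base64 blob> [comment]
    read -r ktype blob comment < "$pub" || true
    case $ktype in
        ssh-rsa|ssh-dss|ssh-ed25519|ecdsa-sha2-*) ;;
        *) echo "not an SSH public key: $pub" >&2; return 1 ;;
    esac
    [ -n "$blob" ] || { echo "key blob missing in $pub" >&2; return 1; }
    tmp=$(mktemp) || return 1
    cp -p "$kh" "$kh.old" || return 1    # backup, as ssh-keygen -R also keeps
    # Keep every line whose first field does not name HOST.
    awk -v h="$host" '{
        keep = 1
        n = split($1, names, ",")
        for (i = 1; i <= n; i++) if (names[i] == h) keep = 0
        if (keep) print
    }' "$kh" > "$tmp" || { rm -f "$tmp"; return 1; }
    # Pin the verified key for HOST.
    printf '%s %s %s\n' "$host" "$ktype" "$blob" >> "$tmp"
    cat "$tmp" > "$kh"                   # keeps the file's owner and mode
    rm -f "$tmp"
}

# Usage: replace_host_key ~/.ssh/known_hosts 192.168.1.100 /path/to/copied_key.pub
```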