  #1  
Old 31st December 2008, 09:35
v2k v2k is offline
Member
 
Join Date: Sep 2007
Location: Vancouver, Canada
Posts: 93
Thanks: 3
Thanked 1 Time in 1 Post
chrooted ssh guide killed perforce

I tried following this guide to set up chrooted ssh:
http://www.howtoforge.com/chroot_ssh_sftp_fedora7

I tried manual and script methods. I was never able to get it to work. I never touched my 'perforce' user, but now I am unable to connect to my perforce server running on the same machine.

"WSAEHOSTUNREACH"

I have no idea where to start. The p4d is running and I can ssh into the box.
  #2  
Old 31st December 2008, 09:51
v2k v2k is offline

My bad, turning off iptables gets around this. I know I didn't touch iptables at all, but I don't see how this could be related to the ssh stuff I was playing with.
  #3  
Old 31st December 2008, 09:56
v2k v2k is offline

These iptables look totally foreign to me aside from opening ports 22 and 80. Have I been hacked? Or is this normal... 224.0.0.251 means nothing to me.

Code:
]$ sudo cat /etc/sysconfig/iptables
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]

-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

-A INPUT -p icmp -j ACCEPT

-A INPUT -i lo -j ACCEPT

-A INPUT -m state --state NEW -m udp -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT

-A INPUT -m state --state NEW -m udp -p udp --dport 137 -j ACCEPT

-A INPUT -m state --state NEW -m udp -p udp --dport 138 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT

-A INPUT -j REJECT --reject-with icmp-host-prohibited

-A FORWARD -j REJECT --reject-with icmp-host-prohibited

COMMIT
  #4  
Old 1st January 2009, 10:54
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
 

Quote:
Originally Posted by v2k
Or is this normal... 224.0.0.251 means nothing to me.
It's used for multicast DNS: http://www.usenet-forums.com/linux-n...rt-5353-a.html
__________________
Falko
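
Added example (not part of the original thread): a first-match walk over the INPUT rules posted in #3, showing which new inbound connections are accepted and which fall through to the final REJECT with icmp-host-prohibited, which is consistent with the WSAEHOSTUNREACH error in the first post. TCP port 1666 (p4d's default) and the address 192.0.2.10 are assumptions; the thread does not say which port or address the Perforce server used.

```python
import shlex

# Ruleset from post #3 (blank lines dropped; FORWARD/OUTPUT omitted).
RULES = """\
:INPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 137 -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 138 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
"""

OPTS = {"-p": "proto", "--dport": "dport", "-d": "dst", "-i": "iface",
        "--state": "state", "-j": "target", "--reject-with": "reject_with"}

def parse_rule(line):
    """Map the options this ruleset uses to a dict; '-m <module>' is ignored."""
    tok = shlex.split(line)
    rule, i = {}, 2                      # tok[0:2] is '-A INPUT'
    while i < len(tok):
        if tok[i] in OPTS and i + 1 < len(tok):
            rule[OPTS[tok[i]]] = tok[i + 1]
            i += 2
        else:
            i += 1
    return rule

def verdict(rules, proto, dport, dst="192.0.2.10", iface="eth0"):
    """First-match result for a NEW inbound packet: (target, reject_with)."""
    policy = "ACCEPT"
    for line in map(str.strip, rules.splitlines()):
        if line.startswith(":INPUT "):
            policy = line.split()[1]     # chain policy applies if no rule matches
        if not line.startswith("-A INPUT "):
            continue
        r = parse_rule(line)
        lo, _, hi = r.get("dport", str(dport)).partition(":")  # 'N' or 'N:M'
        if ("NEW" not in r.get("state", "NEW").split(",")
                or r.get("proto", proto) != proto
                or r.get("iface", iface) != iface
                or r.get("dst", dst) != dst          # exact match only, no CIDR
                or not int(lo) <= dport <= int(hi or lo)):
            continue
        return r["target"], r.get("reject_with")
    return policy, None

if __name__ == "__main__":
    for proto, port in [("tcp", 22), ("tcp", 80), ("tcp", 1666)]:  # 1666: assumed p4d port
        print(proto, port, verdict(RULES, proto, port))
```

With this ruleset the service needs its own `--dport` ACCEPT line placed before the REJECT rule; the file header notes it is written by system-config-firewall.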