Witam
Mam problem by połączyć sie przez SSH z moim serwerkiem. Z Lanu śmiga bez problemu... tzn troszkę dłużej się czeka, ale z zew juz wcale. Najlepsze jest to że nic nie było zmieniane a port nadal jest 22. W skrócie można powiedzieć że wczoraj było OK a dziś już nie.. restart firewalla nie pomaga ani usługi SSH. Reboot całej maszny również.
ssh_config
# $OpenBSD: ssh_config,v 1.25 2009/02/17 01:28:32 djm Exp $
# This is the ssh client system-wide configuration file. See
# ssh_config(5) for more information. This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.
# Configuration data is parsed as follows:
# 1. command line options
# 2. user-specific file
# 3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.
# Site-wide defaults for some commonly used options. For a comprehensive
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.
# Host *
# ForwardAgent no
# ForwardX11 no
# RhostsRSAAuthentication no
# RSAAuthentication yes
# PasswordAuthentication yes
# HostbasedAuthentication no
# GSSAPIAuthentication no
# GSSAPIDelegateCredentials no
# BatchMode no
# CheckHostIP yes
# AddressFamily any
# ConnectTimeout 0
# StrictHostKeyChecking ask
# IdentityFile ~/.ssh/identity
# IdentityFile ~/.ssh/id_rsa
# IdentityFile ~/.ssh/id_dsa
Port 22
# Protocol 2,1
# Cipher 3des
# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
# MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160
# EscapeChar ~
# Tunnel no
# TunnelDevice any:any
# PermitLocalCommand no
# VisualHostKey no
Host *
ForwardX11 yes
Protocol 2,1
# If this option is set to yes then remote X11 clients will have full access
# to the original X11 display. As virtually no X11 client supports the untrusted
# mode correctly we set this to yes.
ForwardX11Trusted yes
# Send locale-related environment variables
#SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
#SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
#SendEnv LC_IDENTIFICATION LC_ALL
StrictHostKeyChecking no
wycinek z firewall'a
# zaplotkuj jesli nie chcesz udostepniac SSH do inetu
if [ "$SSH" = "1" ]; then
PORT_SSH=`grep ^Port /etc/ssh/sshd_config| cut -f 2 -d " "`
[ -z $PORT_SSH ] && PORT_SSH=22
$i -A INPUT -p tcp -i $EXTIF --dport $PORT_SSH -j ACCEPT
#
przy restarcie brak jakich kolwiek błędów.
Serwer jest bramą dla innych PC w Lanie i ma bezpośrednie wyjście na świat. Tylko zanim jest switch z AP ale to male ma znaczenie.
pozdrawiam