I'm running D3/Linux and am finally going to drop most of my green
screens for XP or Linux desktops. I'm having trouble setting up ssh for
access from these new boxes.

I can ping my pick host, and on the pick host I can "ssh localhost" and
establish a connection. What do I have to do to be able to ssh in from
other boxes on the LAN? Will I be able to ssh in from home (through the
firewall)?

Thanks,

Bruce

Bruce,

If you have the Linux firewall (iptables service) running on the
D3/Linux host then you will need to enable port 22. Since you can ssh
localhost, it seems that the sshd service is running. To allow ssh
access from an external address, you will need to configure your
firewall/router to pass port 22 to the ip address of your D3/Linux host.

I am curious as to why you want to run ssh internally instead of telnet?
To me, telnet seems easier, has less overhead, and under D3/Linux you
can configure auto-xinet to assign D3 sessions to specific ports (I use
16000 to 16nnn typically)- no Linux logins required (ok- good or bad,
depending).

At some sites I configure an empty RH9 or Fedora box (old P2 or P3?) to
act as a ssh gateway. The router points to the gateway box, which
contains no data or applications and has very limited users/logins. One
or more of those logins does an rlogin to the D3 host in the
..bash_profile (then exits). Thus external ssh users always log into the
gateway box, then are connected to the D3 host without an additional
login. Since there is NOTHING on the gateway box, if it is hacked or
crashed it is not a big deal... just reload and you're back up.

/Scott Ballinger
Pareto Corporation
Edmonds WA USA
206 713 6006

Lewis Supply Company wrote:

Hello Bruce

I agree with Scott on the TELNET side.

Have you even tried a TELNET instead of an SSH. That will prove the
FIREWALL theory to some extent.

Some things to remember on TELNET though.

TELNET is not started as "default", so you will need to update the
/etc/xinet.d folder to enable it.

If you are running on Red Hat Enterprise 3.0 or 4.0, then the TELNET
package is not EVEN loaded as default. You will have to ADD that
pacakge.

John