Quick OpenSSH Question...


ckevin
12-01-2000, 02:22 PM
I have installed OpenSSH by following the instructions at "http://www.fandelem.com/nhf-9.html#ss9.1". I used TAR rather than RPM... By typing "netstat -vat | grep ssh", I can get the "tcp 0 0 *:ssh *:* LISTEN" response.

But when I use PuTTY, I fail to get an SSH connection... the error message said:

Unable to open connection: Protocol initialsation error.

/var/log/messages hasn't recorded any SSH error messages... so strange...

What's wrong with my setup? Please help! Thanks,

Kevin

P.S. The mini-howto at "fandelem.com" is very useful, thanks!

[This message has been edited by ckevin (edited 01 December 2000).]

ascend
12-01-2000, 04:05 PM
what distro?
i use slackware on one of my servers and had similar problems at first. if you're using slackware also, look for specific directions in the openssh faqs.

ckevin
12-01-2000, 08:59 PM
thanks, but I'm using RedHat 6.2 actually, can anyone help me?

Thanks,

kevin

bdl
12-01-2000, 09:29 PM
Do you have a firewall up? If so, be sure to allow port 22 open to all hosts you want to connect from. Also, you may want to consider that your hosts.allow and hosts.deny config comes into play here; do you allow connections from the machine running PuTTY?

ckevin
12-01-2000, 10:13 PM
How can I check if the server is behind a firewall, or check whether port 22 is currently open?

I don't have a static IP, so I cannot put my IP in the hosts.allow file, right? Also, I found no IPs in the hosts.deny file...

Also, if needed, can you tell me how to allow connections from the machine running PuTTY?

Actually, I just used the method stated in the page "http://www.fandelem.com/nhf-9.html#ss9.1" and I haven't done anything else...

Thanks very much.

kevin

bdl
12-01-2000, 10:35 PM
> How can I check if the server is behind a firewall, or check whether port 22 is currently open?

Hmmm.. if you don't know how to check your firewall rules I suppose you don't have a firewall up and running. Let's presume that you have an open port 22...

> I don't have a static IP, so I cannot put my IP in the hosts.allow file, right? Also, I found no IPs in the hosts.deny file...

You should at the very least have a properly configured hosts.deny file; you want to deny all access to services indicated in /etc/inetd.conf. For starters, comment out any unwanted services in your inetd.conf file, and edit your hosts.deny file to have just one line:

ALL: ALL

This denies access by default; inetd will look up this file whenever a host tries to connect to a service port and automatically deny access to all hosts.
The first file it checks is hosts.allow to see what hosts are listed and allowed access. If there are none, or if none match, it heads over to hosts.deny and relies on the entry there. Otherwise, it allows all access. You do not want this. So to answer your question, you do not have to have IPs specifically listed in the access files, you can use wildcards to either allow or deny everyone.
You may have to come up with a hack to satisfy any dynamic IPs you may be dealing with, maybe a script that sticks valid IPs in hosts.allow when you dial up??


[This message has been edited by bdl (edited 01 December 2000).]
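
The lookup order described in the post above, as an added example that is not part of the original thread: a simplified Python model of the hosts.allow / hosts.deny decision. It assumes the daemon is built with TCP wrappers support, handles only a few hosts_access(5) pattern types, and uses constructed sample rules with documentation addresses.

```python
# Simplified model of the hosts.allow / hosts.deny lookup order (IPv4 only).
# Pattern subset: ALL, exact match, "192.0.2." prefixes, ".example.com" suffixes.
import re


def parse_rules(text):
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) < 2:
            continue  # malformed line, skipped in this model
        daemons = re.split(r"[,\s]+", fields[0].strip())
        clients = re.split(r"[,\s]+", fields[1].strip())
        rules.append((daemons, clients))
    return rules


def pattern_matches(pattern, value):
    if pattern == "ALL":
        return True
    if pattern.endswith("."):      # address prefix such as "192.0.2."
        return value.startswith(pattern)
    if pattern.startswith("."):    # hostname suffix such as ".example.com"
        return value.endswith(pattern)
    return pattern == value


def rule_hit(rules, daemon, client):
    return any(any(pattern_matches(d, daemon) for d in ds)
               and any(pattern_matches(c, client) for c in cs)
               for ds, cs in rules)


def decide(allow_text, deny_text, daemon, client):
    """Check hosts.allow first, then hosts.deny; no match at all grants access."""
    if rule_hit(parse_rules(allow_text), daemon, client):
        return "allow"
    if rule_hit(parse_rules(deny_text), daemon, client):
        return "deny"
    return "allow"


# Constructed sample files; the address range is a documentation range.
HOSTS_ALLOW = "sshd: 192.0.2.\n"
HOSTS_DENY = "ALL: ALL\n"
```

With an empty hosts.deny, `decide` returns "allow" for every client, which is the default-open state the post warns about.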


ckevin
12-01-2000, 11:52 PM
ok, I have added the hosts.deny:

ALL: ALL

and added my ISP's IPs in hosts.allow, and I can telnet but cannot get a successful SSH login with PuTTY...

Error:
Unable to open connection: Protocol initialsation error.

Please help! Thanks,

kevin

ckevin
12-02-2000, 07:17 AM
Actually, I have also installed ZOC and tested the SSH connection with my server. It only displays:

[SSH] CONNECT myserver.com/x.x.x.x

But there is never a response afterwards, and when I check /var/log/messages, I can't find that it has written anything...

Please help!

Thanks so much.

kevin