Re: attach XP computer to network for printing

Author: Michael Havens
Date:  
To: Main PLUG discussion list
Subject: Re: attach XP computer to network for printing
It is strange and I think related to the printing issue that when I try to
ssh from the server to the laptop the connection is refused but when I try
the other way the connection times out. Does that little piece of
information help any?
--more info--
ssh server to XP = timeout
ssh laptop to XP = timeout
ssh XP to laptop = connection refused (cygwin)
ssh XP to server = connection timeout (cygwin)

On Sun, Mar 18, 2012 at 4:21 PM, Michael Havens <> wrote:

>
>
> On Sat, Mar 17, 2012 at 6:35 AM, Lisa Kachold <> wrote:
>
>> Good Job Michael! You have negotiated the ufw. Keep in mind that you
>> would not want to open all this on a traveling laptop (since it would
>> expose trusted services to all). Now just because you have opened the
>> ports on one system, you can't be sure they are actually "seen" from the
>> other system without a test?
>>
>> From the other system, now run:
>>
>> # nmap $thissystem
>>
>> Did you see 22 tcp open from the other system NOW?
>>
>> no.
>
> bmike1@Michaels-Laptop ~ $ sudo nmap 192.168.0.4 (laptop's IP)
>
> Starting Nmap 5.21 ( http://nmap.org ) at 2012-03-18 15:11 MST
> Nmap scan report for 192.168.0.4
> Host is up (0.000022s latency).
> Not shown: 999 closed ports
> PORT    STATE SERVICE
> 631/tcp open  ipp
>
> Nmap done: 1 IP address (1 host up) scanned in 0.29 seconds
>
> bmike1@Michaels-Laptop ~ $ sudo nmap 192.168.0.3 (print server's IP)
>
> Starting Nmap 5.21 ( http://nmap.org ) at 2012-03-18 15:12 MST
> Nmap scan report for 192.168.0.3
> Host is up (0.0020s latency).
> Not shown: 997 filtered ports
> PORT    STATE SERVICE
> 139/tcp open  netbios-ssn
> 443/tcp open  https
> 445/tcp open  microsoft-ds
> MAC Address: 00:09:6B:78:AB:F0 (IBM)
>
> Nmap done: 1 IP address (1 host up) scanned in 12.29 seconds
> bmike1@Michaels-Laptop ~ $
>
> Make sure it's enabled for the service via ufw (on the target system):
>>
>> # sudo ufw allow ssh
>>
>> it said the rule already exists.
>
>
>> It appears that your ssh is timing out, but the logs can tell you why:
>>
>> On the target system:
>>
>> # tail /var/log/messages
>> or
>> # tail /var/log/secure
>>
>> it responded '...no such file...'
>
> Sshd is set up by default for strict host checking, so you MUST have an
>> acceptable /etc/hosts file configuration:
>>
>> There must be a hostname that matches your host entry, which matches your
>> IP address.
>>
>
> Here is now my /etc/hosts file
>
> 127.0.0.1       localhost
> 127.0.1.1       Michaels-PC
> #####################
> #added
> 192.168.0.2     SonyDesktop      <-this is the computer name..... if I'm supposed to put something else in please tell me how to get that info on an XP
> 192.168.0.4     Michaels-Laptop  <-I put the computer name in because that is what is in there in /etc/hosts [127.0.0.1 (computer name)]
> #added
> #####################
> # The following lines are desirable for IPv6 capable hosts
> ::1     ip6-localhost ip6-loopback
> fe00::0 ip6-localnet
> ff00::0 ip6-mcastprefix
> ff02::1 ip6-allnodes
> ff02::2 ip6-allrouters
>
>
>
>> You can also do a couple of ssh daemon "hacks", by editing the
>> /etc/ssh/sshd_config file:
>>
>> If I do this I don't need to worry about /etc/hosts?
>
>
>> a) Allow root ssh (which is disallowed by default) [What command are you
>> running from the other system to get here? As root?]:
>>
>> Find the line that reads as follows:
>> *PermitRootLogin no*
>> Set it as follows:
>> *PermitRootLogin yes*
>>
>> b) Disable Strict
>> *StrictHostKeyChecking yes*
>> Set it as follows:
>> *StrictHostKeyChecking no*
>>
>> c) Change/extend the timeouts:
>>
>> *ServerAliveInterval 100*
>>
>>
>> These changes can be used to provide more information on why you are not
>> connecting.
>>
>> ALWAYS remember to copy your original CONFIGS to backup before editing so
>> you can seamlessly roll forward and back.
>>
>> Don't forget to restart ssh daemon after making configuration changes!
>>
>> Nope... didn't work.
>
>
>>
>>
> On Fri, Mar 16, 2012 at 11:00 PM, James Mcphee <> wrote:
>>
>>> if you're opening that much, just disable iptables until you figure out
>>> what you need to leave open.
>>> On Mar 16, 2012 6:06 PM, "Michael Havens" <> wrote:
>>>
>>>>      hmmmmmm..... opening the ports didn't help any. I opened:
>>>>
>>>> bmike1@Michaels-PC:~$ sudo ufw status
>>>> Status: active
>>>>
>>>> To                         Action      From
>>>> --                         ------      ----
>>>> 22                         ALLOW       Anywhere
>>>> 137                        ALLOW       Anywhere
>>>> 138                        ALLOW       Anywhere
>>>> 139                        ALLOW       Anywhere
>>>> 445                        ALLOW       Anywhere
>>>> 389                        ALLOW       Anywhere
>>>> 901                        ALLOW       Anywhere
>>>> 53                         ALLOW       Anywhere
>>>> 80                         ALLOW       Anywhere
>>>> 110                        ALLOW       Anywhere
>>>> 143                        ALLOW       Anywhere
>>>> 443                        ALLOW       Anywhere
>>>> 631                        ALLOW       Anywhere
>>>> 993                        ALLOW       Anywhere
>>>> 995                        ALLOW       Anywhere
>>>> 5800                       ALLOW       Anywhere
>>>> 5900                       ALLOW       Anywhere
>>>> 9418                       ALLOW       Anywhere
>>>> 8080                       ALLOW       Anywhere
>>>> 22                         ALLOW       Anywhere (v6)
>>>> 137                        ALLOW       Anywhere (v6)
>>>> 138                        ALLOW       Anywhere (v6)
>>>> 139                        ALLOW       Anywhere (v6)
>>>> 445                        ALLOW       Anywhere (v6)
>>>> 389                        ALLOW       Anywhere (v6)
>>>> 901                        ALLOW       Anywhere (v6)
>>>> 53                         ALLOW       Anywhere (v6)
>>>> 80                         ALLOW       Anywhere (v6)
>>>> 110                        ALLOW       Anywhere (v6)
>>>> 143                        ALLOW       Anywhere (v6)
>>>> 443                        ALLOW       Anywhere (v6)
>>>> 631                        ALLOW       Anywhere (v6)
>>>> 993                        ALLOW       Anywhere (v6)
>>>> 995                        ALLOW       Anywhere (v6)
>>>> 5800                       ALLOW       Anywhere (v6)
>>>> 5900                       ALLOW       Anywhere (v6)
>>>> 9418                       ALLOW       Anywhere (v6)
>>>> 8080                       ALLOW       Anywhere (v6)
>>>>
>>>> bmike1@Michaels-PC:~$
>>>>
>>>>
>>>>      What else do you think I should open?
>>>>
>>>>
>>>> On Fri, Mar 16, 2012 at 10:44 AM, Michael Havens <> wrote:
>>>>
>>>>> look what I found in my quest to open ports for printing: I found a
>>>>> program called ufw which is a 'program for managing a netfilter
>>>>> firewall.' And one of the commands is:
>>>>>
>>>>>        ufw allow 53
>>>>>        This rule will allow tcp and udp port 53 to any address on this host.
>>>>>
>>>>> Which is the printer's port?... of course 631. My search engine is
>>>>> giving me another: 515? But both of my computers print.
>>>>> Do you know if I can specify more than one port in the command?
>>>>> oops... I just found the correct syntax:
>>>>>      ufw allow 18:25,50:110,130:150,389:445,631,900:1000,5800:5900,8080,9418
>>>>> the man page says I'm allowed 15 numbers in there. No spaces,
>>>>> separated by a comma, and ranges (x:y) count as two numbers.
>>>>>
>>>>> What other ports does the great brain known as PLUG believe is good to
>>>>> open?
>>>>> I think ufw is basically a program to make iptables easier. Or do you
>>>>> want to give me a tutelage on iptables. I'm willing if you are! Does anyone
>>>>> have any pointers about ufw?
>>>>>
>>>>> ufw probably is an acronym for unix fire wall. or perhaps ubuntu fire
>>>>> wall.
>>>>>
>>>>>
>>>>
>> --
>> (503) 754-4452 Android
>> (623) 239-3392 Skype
>> (623) 688-3392 Google Voice
>> **
>> it-clowns.com
>> ---------------------------------------------------
>> PLUG-discuss mailing list -
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>>
>
>
>
> --
> :-)~MIKE~(-:
>




--
:-)~MIKE~(-:
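
An added example, not part of the thread: the "connection refused" and "timeout" results listed at the top of this message correspond to the closed and filtered states in the quoted nmap output, and this Python sketch classifies a single TCP connect the same way. The function names `probe` and `report` are made up for this example; the addresses are the ones quoted in the thread.

```python
import errno
import socket

# What each outcome usually means when debugging a firewall/service problem.
HINTS = {
    "open": "a service is listening and the firewall lets the connection in",
    "closed": "host answered with a reset: nothing listens here (nmap: closed)",
    "filtered": "no answer: a firewall is probably dropping it (nmap: filtered)",
}

def probe(host, port, timeout=3.0):
    """Try one TCP connect and classify it as open, closed or filtered."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"
    except ConnectionRefusedError:
        # The "connection refused" case: the packet arrived, no daemon there.
        return "closed"
    except socket.timeout:
        # The "timeout" case: the SYN was silently dropped somewhere.
        return "filtered"
    except OSError as exc:
        # Host/network unreachable is also shown by nmap as filtered.
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "filtered"
        raise
    finally:
        sock.close()

def report(targets, ports, timeout=3.0):
    """Probe every port on every target and return one text line per result."""
    lines = []
    for name, host in targets.items():
        for port in ports:
            state = probe(host, port, timeout)
            lines.append(f"{name} ({host}) port {port}: {state} - {HINTS[state]}")
    return lines

if __name__ == "__main__":
    # Addresses quoted in the thread; ports 22 (ssh) and 631 (ipp).
    targets = {"laptop": "192.168.0.4", "print server": "192.168.0.3"}
    for line in report(targets, [22, 631]):
        print(line)
```

Run from each machine in turn, a closed result for port 22 points at the ssh daemon on the target, while a filtered result points at a firewall in the path.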