I forgot to mention that they can all ping each other
On Sun, Mar 18, 2012 at 5:01 PM, Michael Havens <bmike1@gmail.com> wrote:
> it is strange and I think related to the printing issue that when I try to
> ssh from the server to the laptop the connection is refused but when I try
> the other way the connection times out. Does that little piece of
> information help any?
> --more info--
> ssh server to xp=timeout
> ssh laptop to XP=timeout
> ssh xp to laptop=connection refused (cygwin)
> ssh xp to server=connection timeout (cygwin)
>
>
> On Sun, Mar 18, 2012 at 4:21 PM, Michael Havens <bmike1@gmail.com> wrote:
>
>>
>>
>> On Sat, Mar 17, 2012 at 6:35 AM, Lisa Kachold <lisakachold@obnosis.com> wrote:
>>
>>> Good Job Michael! You have negotiated the ufw. Keep in mind that you
>>> would not want to open all this on a traveling laptop (since it would
>>> expose trusted services to all). Now just because you have opened the
>>> ports on one system, you can't be sure they are actually "seen" from the
>>> other system without a test?
>>>
>>> From the other system, now run:
>>>
>>> # nmap $thissystem
>>>
>>> Did you see 22 tcp open from the other system NOW?
>>>
>>> no.
>>
>> bmike1@Michaels-Laptop ~ $ sudo nmap 192.168.0.4 (laptop's ip)
>>
>> Starting Nmap 5.21 ( http://nmap.org ) at 2012-03-18 15:11 MST
>> Nmap scan report for 192.168.0.4
>> Host is up (0.000022s latency).
>> Not shown: 999 closed ports
>> PORT STATE SERVICE
>> 631/tcp open ipp
>>
>> Nmap done: 1 IP address (1 host up) scanned in 0.29 seconds
>>
>> bmike1@Michaels-Laptop ~ $ sudo nmap 192.168.0.3 (print server's ip)
>>
>> Starting Nmap 5.21 ( http://nmap.org ) at 2012-03-18 15:12 MST
>> Nmap scan report for 192.168.0.3
>> Host is up (0.0020s latency).
>> Not shown: 997 filtered ports
>> PORT STATE SERVICE
>> 139/tcp open netbios-ssn
>> 443/tcp open https
>> 445/tcp open microsoft-ds
>> MAC Address: 00:09:6B:78:AB:F0 (IBM)
>>
>> Nmap done: 1 IP address (1 host up) scanned in 12.29 seconds
>> bmike1@Michaels-Laptop ~ $
>>
>> Make sure it's enabled for the service via ufw (on the target system):
>>>
>>> # sudo ufw allow ssh
>>>
>>> it said the rule already exists.
>>
>>
>>> It appears that your ssh is timing out, but the logs can tell you why:
>>>
>>> On the target system:
>>>
>>> # tail /var/log/messages
>>> or
>>> # tail /var/log/secure
>>>
>>> it responded '...no such file...'
>>
>> Sshd is set up by default for strict host checking, so you MUST have an
>>> acceptable /etc/hosts file configuration:
>>>
>>> There must be a hostname that matches your host entry, which matches
>>> your IP address.
>>>
>>
>> Here is now my /etc/hosts file
>>
>> 127.0.0.1 localhost
>> 127.0.1.1 Michaels-PC
>> #####################
>> #added
>> 192.168.0.2 SonyDesktop <-this is the computer name..... if I'm supposed to put something else in please tell me how to get that info on an XP
>> 192.168.0.4 Michaels-Laptop <-I put the computer name in because that is what is in there in /etc/hosts [127.0.0.1 (computer name)]
>> #added
>> #####################
>> # The following lines are desirable for IPv6 capable hosts
>> ::1 ip6-localhost ip6-loopback
>> fe00::0 ip6-localnet
>> ff00::0 ip6-mcastprefix
>> ff02::1 ip6-allnodes
>> ff02::2 ip6-allrouters
>>
>>
>>
>>> You can also do a couple of ssh daemon "hacks", by editing the
>>> /etc/ssh/sshd_config file:
>>>
>>> If I do this I don't need to worry about /etc/hosts?
>>
>>
>>> a) Allow root ssh (which is disallowed by default) [What command are you
>>> running from the other system to get here? As root?]:
>>>
>>> Find the line that reads as follows:
>>> *PermitRootLogin no*
>>> Set it as follows:
>>> *PermitRootLogin yes*
>>>
>>> b) Disable Strict
>>> *StrictHostKeyChecking yes*
>>> Set it as follows:
>>> *StrictHostKeyChecking no*
>>>
>>> c) Change/extend the timeouts:
>>>
>>> *ServerAliveInterval 100*
>>>
>>>
>>> These changes can be used to provide more information on why you are not
>>> connecting.
>>>
>>> ALWAYS remember to copy your original CONFIGS to backup before editing
>>> so you can seamlessly roll forward and back.
>>>
>>> Don't forget to restart ssh daemon after making configuration changes!
>>>
>>> Nope... didn't work.
>>
>>
>>>
>>>
>> On Fri, Mar 16, 2012 at 11:00 PM, James Mcphee <jmcphe@gmail.com> wrote:
>>>
>>>> if you're opening that much, just disable iptables until you figure out
>>>> what you need to leave open.
>>>> On Mar 16, 2012 6:06 PM, "Michael Havens" <bmike1@gmail.com> wrote:
>>>>
>>>>> hmmmmmm..... opening the ports didn't help any. I opened:
>>>>>
>>>>> bmike1@Michaels-PC:~$ sudo ufw status
>>>>> Status: active
>>>>>
>>>>> To Action From
>>>>> -- ------ ----
>>>>> 22 ALLOW Anywhere
>>>>> 137 ALLOW Anywhere
>>>>> 138 ALLOW Anywhere
>>>>> 139 ALLOW Anywhere
>>>>> 445 ALLOW Anywhere
>>>>> 389 ALLOW Anywhere
>>>>> 901 ALLOW Anywhere
>>>>> 53 ALLOW Anywhere
>>>>> 80 ALLOW Anywhere
>>>>> 110 ALLOW Anywhere
>>>>> 143 ALLOW Anywhere
>>>>> 443 ALLOW Anywhere
>>>>> 631 ALLOW Anywhere
>>>>> 993 ALLOW Anywhere
>>>>> 995 ALLOW Anywhere
>>>>> 5800 ALLOW Anywhere
>>>>> 5900 ALLOW Anywhere
>>>>> 9418 ALLOW Anywhere
>>>>> 8080 ALLOW Anywhere
>>>>> 22 ALLOW Anywhere (v6)
>>>>> 137 ALLOW Anywhere (v6)
>>>>> 138 ALLOW Anywhere (v6)
>>>>> 139 ALLOW Anywhere (v6)
>>>>> 445 ALLOW Anywhere (v6)
>>>>> 389 ALLOW Anywhere (v6)
>>>>> 901 ALLOW Anywhere (v6)
>>>>> 53 ALLOW Anywhere (v6)
>>>>> 80 ALLOW Anywhere (v6)
>>>>> 110 ALLOW Anywhere (v6)
>>>>> 143 ALLOW Anywhere (v6)
>>>>> 443 ALLOW Anywhere (v6)
>>>>> 631 ALLOW Anywhere (v6)
>>>>> 993 ALLOW Anywhere (v6)
>>>>> 995 ALLOW Anywhere (v6)
>>>>> 5800 ALLOW Anywhere (v6)
>>>>> 5900 ALLOW Anywhere (v6)
>>>>> 9418 ALLOW Anywhere (v6)
>>>>> 8080 ALLOW Anywhere (v6)
>>>>>
>>>>> bmike1@Michaels-PC:~$
>>>>>
>>>>>
>>>>> What else do you think I should open?
>>>>>
>>>>>
>>>>> On Fri, Mar 16, 2012 at 10:44 AM, Michael Havens <bmike1@gmail.com> wrote:
>>>>>
>>>>>> look what I found in my quest to open ports for printing: I found a
>>>>>> program called ufw which is a 'program for managing a netfilter
>>>>>> firewall.' And one of the commands is:
>>>>>>
>>>>>> ufw allow 53
>>>>>> This rule will allow tcp and udp port 53 to any address on this host.
>>>>>>
>>>>>> Which is the printer's port?... of course 631. my search engine is
>>>>>> giving me another: 515? But both of my computers print.
>>>>>> Do you know if I can specify more than one port in the command?
>>>>>> oops... I just found the correct syntax:
>>>>>> ufw allow 18:25,50:110,130:150,389:445,631,900:1000,5800:5900,8080,9418
>>>>>> the man page says I'm allowed 15 numbers in there. No spaces,
>>>>>> separated by a comma, and ranges (x:y ) count as two numbers.
>>>>>>
>>>>>> What other ports does the great brain known as PLUG believe is good
>>>>>> to open?
>>>>>> I think ufw is basically a program to make iptables easier. Or do
>>>>>> you want to give me a tutelage on iptables. I'm willing if you are! Does
>>>>>> anyone have any pointers about ufw?
>>>>>>
>>>>>> ufw probably is an acronym for unix fire wall. or perhaps ubuntu
>>>>>> fire wall.
>>>>>>
>>>>>>
>>>>>
>>> --
>>> (503) 754-4452 Android
>>> (623) 239-3392 Skype
>>> (623) 688-3392 Google Voice
>>> **
>>> it-clowns.com
>>>
>>> ---------------------------------------------------
>>> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
>>> To subscribe, unsubscribe, or to change your mail settings:
>>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>>>
>>
>>
>>
>> --
>> :-)~MIKE~(-:
>>
>
>
>
> --
> :-)~MIKE~(-:
>
--
:-)~MIKE~(-:
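
Added example, not part of the original thread: the messages above report "connection refused" in one direction and timeouts in the others, and the nmap output shows "closed" ports on 192.168.0.4 but "filtered" ports on 192.168.0.3. This Python script separates those cases for a TCP port such as 22; the names `classify`, `probe` and `DIAGNOSIS` and the 3-second timeout are assumptions of this example.

```python
import errno
import socket
import sys

# What each outcome means, using the state names nmap prints.
DIAGNOSIS = {
    "open": "a service accepted the connection; check sshd logs and config next",
    "closed": "the host answered with a reset: nothing is listening on the port "
              "(is sshd installed and running?)",
    "filtered": "no usable answer: a firewall on the target or on the path is "
                "dropping or rejecting the packets",
    "error": "the probe itself failed (bad host name, no local route, ...)",
}

def classify(err):
    """Map a connect() result (0 = success, None = timed out, else errno)
    to an nmap-style port state."""
    if err == 0:
        return "open"
    if err == errno.ECONNREFUSED:          # TCP RST came back: "connection refused"
        return "closed"
    if err is None or err in (errno.ETIMEDOUT, errno.EHOSTUNREACH):
        return "filtered"                  # silence or ICMP unreachable
    return "error"

def probe(host, port=22, timeout=3.0):
    """Attempt one TCP connection and return the classified state."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((host, port))
            return classify(0)
        except socket.timeout:             # our own timer expired
            return classify(None)
        except OSError as e:               # refused, unreachable, resolver errors
            return classify(e.errno)

if __name__ == "__main__":
    # Usage: python3 probe.py 192.168.0.3 192.168.0.4
    for target in sys.argv[1:]:
        state = probe(target)
        print(f"{target}:22 {state} - {DIAGNOSIS[state]}")
```

A "closed" result points at the service (no listener), while "filtered" points at a packet filter, so the two need different fixes even though ping works in both cases.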