[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[debian-users:41441] Re: sshd のアクセス制限方法に関して

From: Kenshi Muto <kmuto@xxxxxxxx>
Subject: [debian-users:41441] Re: sshd のアクセス制限方法に関して
Date: Fri, 17 Sep 2004 22:25:42 +0900
List-help: <mailto:debian-users-ctl@debian.or.jp?body=help>
List-id: debian-users.debian.or.jp
List-owner: <mailto:debian-users-admin@debian.or.jp>
List-post: <mailto:debian-users@debian.or.jp>
List-software: fml [fml 4.0.3 release (20011202/4.0.3)]
List-unsubscribe: <mailto:debian-users-ctl@debian.or.jp?body=unsubscribe>
X-ml-info: If you have a question, send e-mail with the body "help" (without quotes) to the address debian-users-ctl@debian.or.jp; help=<mailto:debian-users-ctl@debian.or.jp?body=help>
X-ml-name: debian-users
X-mlserver: fml [fml 4.0.3 release (20011202/4.0.3)]; post only (only members can post)
X-original-to: debian-users@debian.or.jp
X-spam-level: *
X-spam-status: No, hits=1.0 required=10.0 tests=HOT_NASTY,IN_REP_TO,ISO2022JP_BODY,ISO2022JP_CHARSET, QUOTED_EMAIL_TEXT,RCVD_IN_ORBS,RCVD_IN_OSIRUSOFT_COM, REFERENCES,SIGNATURE_SHORT_DENSE,SPAM_PHRASE_00_01, USER_AGENT,X_OSIRU_OPEN_RELAY version=2.44
X-virus-scanned: by amavisd-new-20030616-p7 (Debian) at topstudio.co.jp
References: <20040917202812.D921.SUZUKI@xxxxxxxxxx> <040917205910.M0301720@xxxxxxxxxxxxxxxxxxxxxxxxxxxx> <20040917212652.D925.SUZUKI@xxxxxxxxxx>
Message-id: <20040917132540.EE989223047@xxxxxxxxxxxxxxxxxxxx>
X-mail-count: 41441
User-agent: Wanderlust/2.11.30 (Wonderwall) SEMI/1.14.6 (Maruoka) FLIM/1.14.6 (Marutamachi) APEL/10.6 MULE XEmacs/21.4 (patch 15) (Security Through Obscurity) (i386-debian-linux)

武藤＠Debianぷろじぇくとです。

At Fri, 17 Sep 2004 21:43:42 +0900,
suzuki@xxxxxxxxxx wrote:
> # slogin -vvv suzuki@xxxxxxxxxxxxxxx
> OpenSSH_3.4p1, SSH protocols 1.5/2.0, OpenSSL 0x0090602f
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: Applying options for *
> debug1: Rhosts Authentication disabled, originating port will not be trusted.
> debug1: ssh_connect: needpriv 0
> debug1: Connecting to XXX.XXX.XXX.XXX [XXX.XXX.XXX.XXX] port 22.
> debug1: Connection established.
> debug1: identity file /root/.ssh/identity type -1
> debug1: identity file /root/.ssh/id_rsa type -1
> debug1: identity file /root/.ssh/id_dsa type -1
> ssh_exchange_identification: Connection closed by remote host
> debug1: Calling cleanup 0x80675a0(0x0)
> で、恥ずかしながらsloginを知りませんでした。。。

> で、このログの味方も間違ってるかもしれませんが、認証方法で蹴られてるので
> しょうか？

TCP wrappersかルータでREJECTしているように見えます。

/etc/hosts.denyでALL:ALLして/etc/hosts.allowでは特にsshdの許可設定をし
ていない、ということはありませんか。

/var/log/auth.logに「sshd: refused connect from アドレス」が残っていれ
ばTCP wrappersの問題かと思います。

sshのサーバーでsyslogやauth.logなどのログを監視して、ログインしようと
したときに何も変わりがなければルーターかホストのiptablesレベルで蹴って
いるのでしょう。
-- 
武藤 健志＠ kmuto @ kmuto.jp
           Debian/JPプロジェクト   (kmuto@debian.org, kmuto@debian.or.jp)
           株式会社トップスタジオ  (kmuto@xxxxxxxxxxxxxxx)
URI: http://www.topstudio.co.jp/~kmuto/ (Debianな話題など)

Follow-Ups:
- [debian-users:41442] Re: sshd のアクセス制限方法に関して
  - From: Tietew

References:
- [debian-users:41436] sshd$B$N%"(B$B%/%;%9@)8BJ}K!$K4X$7$F(B
  - From: suzuki
- [debian-users:41437] Re: sshd のアクセス制限方法に関して
  - From: NAKANO Takeo
- [debian-users:41440] Re: sshd $B$N%"%/%;%9@)8BJ}K!$K4X$7(B$B$F(B
  - From: suzuki

Prev by Date: [debian-users:41440] Re: sshd $B$N%"%/%;%9@)8BJ}K!$K4X$7(B$B$F(B
Next by Date: [debian-users:41442] Re: sshd のアクセス制限方法に関して
Previous by thread: [debian-users:41440] Re: sshd $B$N%"%/%;%9@)8BJ}K!$K4X$7(B$B$F(B
Next by thread: [debian-users:41442] Re: sshd のアクセス制限方法に関して
Index(es):
- Date
- Thread