Hi,

I'm using SecureCRT 5.2.1 and i want to make ssh tunnel to access some
UNIX servers which i can't access directly from my computer.

I'm fairly new to this so i have no clue what to do.

here is the scenario:

I have to access Host 2 , but to get to host 2 i have to first access
Host1.

My Windows copmuter ---> Host1 --->Host2

I want to be able to access Host2 without going through the process of
logging into Host1 every time i open a new tab, just like in Putty if
i create a tunnel i can access other hosts till the time i have the
window open to the jump box. Is there a way of doing it on SecureCRT?
I don't know how to set on SecureCRT....

Can anyone please help me....

D

Hello all,

I am unable to ssh into a diskless host running Fedora. When I boot
into the golden image (same kernel and root files), I can ssh.
Perhaps I'm missing something?

Description: Fedora 6 - kernel: 2.6.22.14 which I recompiled in
order to make the necessary kernel changes to support NFSROOT.

Problem: The host boots ok via PXE as expected. I can login into the
host via tty. Attempts to ssh from another host causes it to hang. I
checked its /var/log/secure message and found the following:

Feb 28 17:55:09 localhost sshd[2964]: Accepted password for sofia from
127.0.0.1 port 36123 ssh2
Feb 28 17:55:09 localhost sshd[2964]: error: openpty: No such file or
directory
Feb 28 17:55:09 localhost sshd[2966]: error: session_pty_req: session
0 alloc failed

Note: most of this post is based on OpenSSH

When I do a remote forward (port on server listens for incoming
traffic, traffic gets forwarded to port that is listening on client),
the source IPs of all the incoming connections in the server app on
the client machine are 127.0.0.1/localhost. Using "-v", I can see that
sshd passes the IP addresses of what computers connected to the sshd's
port that forwards to the client. The client does not use/set the
originating information when connect. RFC 4254 requires the server
send the originating IP across the wire to the client.
-------------------------------------------------------------------------------------------------------------------------
7.2. TCP/IP Forwarding Channels

When a connection comes to a port for which remote forwarding has
been requested, a channel is opened to forward the port to the
other
side.

byte SSH_MSG_CHANNEL_OPEN
string "forwarded-tcpip"
uint32 sender channel
uint32 initial window size
uint32 maximum packet size
string address that...

Hi,

I am using putty to remote into a win 2k SP4 server running open ssh.
Once connected I am using plink on the server to RLogin to a telephone
exchange (although I have also tried using rlogin in the cygwin
package).

Everything works fine until I need to logout. To end the session on
the exchange you have to sent the control sequence CTRL+pdt . This is
not working. I either get gibberish onscreen or nothing at all.

If I plink to the phone exchange from the server console (not via SSH)
then it works perfectly so it must be something in the SSH tunnel that
drops/corrupts the ctrl sequence.

Can anyone think of a way around this or had a similar issue?

many thanks

Zeth

I've just been looking through my auth logs and notice hundreds of failed
sshd login attempts over the last week or so. sshd is untweaked so will
be running standard settings for debian etch. What should I be doing to
harden sshd to reduce hack success? I've made a note of all the IP's used
and times of attempts so far but thats all.

thanks

Gav

I've been searching in vain for any documentation about how Kerberized
ssh authorizes an authenticated Kerberos principal to connect as a
certain user. The default behavior seems to be that the principal
name (not including the realm) must match the Unix username. For
example, user123@AN.ACCEPTABLE.REALM can log in as user123.

Can I configure this behavior? Specifically, I want to configure ssh
so that a specified list of Kerberos principals is authorized to
connect as a certain user. Even better would be to allow any Kerberos
principal matching a specified pattern to connect as that user.

Is this possible?

Thanks,
David

Dear all,

I've recently noticed some packets coming in on port 22 (sshd) on my
external interface from the 192.168.1.0/24 network. I don't have any
local machines on this network and the packets are coming in on my WAN
interface (via my router). How is that possible? My understanding was
that this network was not routeable from the internet. I'm guessing
someone is try to get at my sshd server. Below are the packets. Is
there any way to get more info on where they are coming from?

Feb 20 20:02:14 tti kernel: iptables chain hostile: IN=eth1 OUT=
MAC=00:0e:0c:dd:73:16:00:11:6e:00:f9:70:08:00 SRC=192.168.1.126
DST=172.16.251.61 LEN=228 TOS=0x10 PREC=0x00 TTL=47 ID=19109 DF
PROTO=TCP SPT=38196 DPT=22 WINDOW=16022 RES=0x00 ACK PSH FIN URGP=0

I'm using iptables on a 2.6 Linux box.

Kevin

I had connected to a server via ssh. After issuing some networking
commands to change the eth0 IP addresses from xxx.xx.xx.xx to
xxx.xx.xx.yz, the ssh session "hang". i.e. the screen just freezes and
I get no prompt.
I have to use the serial port to continue my configuration. i.e.
ifdown eth0
ifup eth0

Is there a way to do all this using ssh? I want to avoid using the
serial port if possible.

I need to disable all outgoing ssh v1 requests from the client. Can
anybody tell me how to do that?

Does any one here how to copy files from Linux to Windows skipping the
password?? I have found several pages which describe the method like

http://mah.everybody.org/docs/ssh
i.e
HostA->Linux environment
HostB->Win environment
I follow step by step the description but when I want to add my keys
in my HostA it says
Failed to connect to authentication agent - agent not running?

all of this is due I wanna input that scp copy in a crontab job

thanks guys