This is a discussion on "iptables block ssh connections with putty" within the Linux Security forums, part of the System Security and Security Related category.

Hi all,

I run a SuSE 8.1 server with kernel 2.4.19 hosted by some provider. I want to set up a couple of services, but first of all I need to make sure to be able to reconnect - but it fails (without rebooting). This is what I do:

    Using username "achim".
    Authenticating with public key "rsa-key-20030616" from agent
    Last login: Fri Jul 4 23:04:53 2003 from p3ee0608a.dip0.t-ipconnect.de
    Have a lot of fun...
    achim@ip:~> su -
    Password:
    ip:~ # cd bin
    ip:~/bin # lsmod
    Module                  Size  Used by    Not tainted
    isa-pnp                31520   0  (unused)
    ipv6                  150036  -1  (autoclean)
    tulip                  41344   1
    lvm-mod                65184   0  (autoclean)
    reiserfs              193424   1
    ip:~/bin # ./testreboot &
    [1] 10048
    ip:~/bin #
    Broadcast message from root (pts/0) (Fri Jul 4 23:48:32 2003):
    The system is going DOWN for reboot in 3 minutes!
    ip:~/bin # cat logiptables
    #!/bin/sh
    #iptables -v -F
    #iptables -v -X
    #iptables -v -Z
    #IFACE="eth0"
    #iptables -v -P INPUT ACCEPT
    #iptables -v -P OUTPUT ACCEPT
    #iptables -v -P FORWARD ACCEPT
    #iptables -v -A INPUT -j LOG --log-prefix "AJK LOG IN : "
    #iptables -v -A OUTPUT -j LOG --log-prefix "AJK LOG OUT : "
    #iptables -v -A FORWARD -j LOG --log-prefix "AJK LOG FORWARD: "
    iptables -v -A INPUT -j ACCEPT
    iptables -v -A OUTPUT -j ACCEPT
    iptables -v -A FORWARD -j ACCEPT
    tail -f /var/log/messages | grep AJK >> ~achim/log/log.txt &
    # THE END
    # ==================================================================
    ip:~/bin # ./logiptables
    ACCEPT  all opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0
    ACCEPT  all opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0
    ACCEPT  all opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0
    ip:~/bin # iptables -L
    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination
    ACCEPT     all  --  anywhere             anywhere
    Chain FORWARD (policy ACCEPT)
    target     prot opt source               destination
    ACCEPT     all  --  anywhere             anywhere
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination
    ACCEPT     all  --  anywhere             anywhere
    ip:~/bin # lsmod
    Module                  Size  Used by    Not tainted
    iptable_filter          1740   1  (autoclean)
    ip_tables              11704   1  [iptable_filter]
    isa-pnp                31520   0  (unused)
    ipv6                  150036  -1  (autoclean)
    tulip                  41344   1
    lvm-mod                65184   0  (autoclean)
    reiserfs              193424   1
    ip:~/bin #

Somehow I have the impression that only loading the module ip_tables cuts me out. Is there someone who can help?

Thanks in advance!
- Achim

Achim Gerber wrote:

> ip:~/bin # cat logiptables
> #!/bin/sh
>
> iptables -v -A INPUT -j ACCEPT
> iptables -v -A OUTPUT -j ACCEPT
> iptables -v -A FORWARD -j ACCEPT
>
> tail -f /var/log/messages | grep AJK >> ~achim/log/log.txt &

(Interesting to have tail -f in a script, then go to background. Does this have the intended effect of new entries in /var/log/messages being appended to your log file forever?)

Your display of iptables -L shows you accepting everything everywhere. You might want to add:

    iptables -F
    iptables -P INPUT ACCEPT
    iptables -P OUTPUT ACCEPT
    iptables -P FORWARD ACCEPT

into your script. iptables -L -v would show you what is matching your chains, but given that you're accepting everything everywhere, iptables shouldn't be the issue.

Note that a more secure firewall would deny by default, permitting only the things you *know* you want, but in troubleshooting mode you often have to start from the other direction.

> somehow I have the impression that only loading the module ip_tables
> cuts me out.

Why do you think that? When you're locked out in ssh, can you or someone do an iptables -L -n -v to see if there are rules that are denying you? Also, can you get someone to unload the iptables modules to see if that gets you unlocked?

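The deny-by-default ruleset the reply recommends, worked through as an added shell example (this is not code from the thread or from either poster). It assumes the ipt_state match is available, as it is on 2.4 kernels, and it keeps the ssh session the script is run from alive by accepting ESTABLISHED traffic before the DROP policy applies. The IPT, SSH_PORT and LOG_PREFIX variables and the dry_run and schedule_rollback helpers are this example's own names; the log prefix reuses the one from Achim's script.

```shell
#!/bin/sh
# Added example, not from the thread: a default-deny INPUT chain that keeps
# the current ssh session alive. Set IPT=echo to print the commands instead
# of applying them; the real thing needs root and the ip_tables modules.
IPT="${IPT:-iptables}"
SSH_PORT="${SSH_PORT:-22}"
LOG_PREFIX="AJK LOG IN : "   # same prefix Achim used for his debug logging

# Emit (or apply) a minimal ruleset for the filter table.
apply_rules() {
    # Start from a clean table, as the reply suggested.
    $IPT -F
    $IPT -X
    $IPT -Z
    # Default policies: drop inbound and forwarded traffic, allow outbound.
    $IPT -P INPUT DROP
    $IPT -P FORWARD DROP
    $IPT -P OUTPUT ACCEPT
    # Loopback is needed by many local services.
    $IPT -A INPUT -i lo -j ACCEPT
    # Packets of connections that are already open (including the ssh
    # session this script is run from) are accepted first, so that session
    # survives the policy change.
    $IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    # New inbound ssh connections are the only new traffic allowed in.
    $IPT -A INPUT -p tcp --dport "$SSH_PORT" -m state --state NEW -j ACCEPT
    # Everything else is logged, then dropped by the chain policy.
    $IPT -A INPUT -j LOG --log-prefix "$LOG_PREFIX"
}

# Safety net for remote work (the same idea as Achim's timed reboot, but
# cheaper): if the admin cannot reconnect within $1 seconds, reopen the
# firewall. Start it before apply_rules and kill the printed PID once a
# second login has succeeded.
schedule_rollback() {
    ( sleep "$1"; $IPT -P INPUT ACCEPT; $IPT -F ) &
    echo $!
}

# Dry run: print the commands that would be issued, without touching the kernel.
dry_run() {
    ( IPT=echo; apply_rules )
}
```

Usage on the box itself would be `pid=$(schedule_rollback 180); apply_rules`, then a second PuTTY login from another window, then `kill $pid`; `dry_run` shows the commands first. The order of the two state rules is the important part: with ESTABLISHED accepted ahead of the NEW rule, the policy change never touches the session that is applying it.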
> (Interesting to have tail -f in a script, then go to background. Does
> this have the intended effect of new entries in /var/log/messages being
> appended to your log file forever?)

.... this is only for debugging - it will not be in the final script

> iptables -F
> iptables -P INPUT ACCEPT
> iptables -P OUTPUT ACCEPT
> iptables -P FORWARD ACCEPT
>
> into your script.

I did try this - but it does not work.

I guess I need to be more precise on my problem.

1. I log on to my server with putty/ssh - OK
2. I start a script to reboot my server after 3 minutes
3. I start the log file in my first mail - OK

--> my ssh session still works - port 22 packets go through OK

BUT!!! I can not open a second putty/ssh login to my server

I think it has to do with the loaded modules or with the auth mechanism of ssh

Is there any experience out there on this?

Regards, Achim

Achim.Gerber@i18n-support.de (Achim Gerber) wrote:

> I did try this - but it does not work.
>
> I guess I need to be more precise on my problem.
>
> 1. I log on to my server with putty/ssh - OK
> 2. I start a script to reboot my server after 3 minutes
> 3. I start the log file in my first mail - OK
>
> --> my ssh session still works - port 22 packets go through OK
>
> BUT!!! I can not open a second putty/ssh login to my server
>
> I think it has to do with the loaded modules or with the auth mechanism of ssh
>
> Is there any experience out there on this?
>
> Regards, Achim

If this only occurs when your script has issued a shutdown command, then the man page has your answer. I quote:-

"shutdown brings the system down in a secure way. All logged-in users are notified that the system is going down, and login(1) is blocked."

Otherwise, you need to say what the script you run does exactly.

--
Martin

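The mechanism behind Martin's answer, as an added shell example (not code from the thread): the classic shutdown(8) creates /etc/nologin during the last minutes of its countdown, and sshd refuses new non-root logins while that file exists, while sessions that are already open stay up. That matches the symptom exactly: the first PuTTY session keeps working, the second one is refused, and iptables has nothing to do with it. The check below is what a remote admin would run on the still-open session before touching the firewall; the NOLOGIN variable and the login_blocked and diagnose_second_login helpers are this example's own names, and the iptables heuristic in the second check is a crude assumption, not a definitive test.

```shell
#!/bin/sh
# Added example, not from the thread: before blaming the firewall for a
# refused second ssh login, check whether login(1) itself is blocked.
NOLOGIN="${NOLOGIN:-/etc/nologin}"

# Returns 0 (and prints the file's message) if non-root logins are blocked
# by a nologin file; $1 overrides the path (useful for testing).
login_blocked() {
    file="${1:-$NOLOGIN}"
    if [ -e "$file" ]; then
        echo "login(1) blocked by $file:"
        cat "$file"
        return 0
    fi
    return 1
}

# Orders the checks from cheapest to most involved and prints a one-word
# verdict so it can be scripted: nologin, firewall or unknown.
# $1 optionally overrides the nologin path.
diagnose_second_login() {
    if login_blocked "$1" >/dev/null; then
        # A pending shutdown (or an admin-created /etc/nologin) explains it.
        echo nologin
    elif command -v iptables >/dev/null 2>&1 \
         && iptables -L INPUT -n -v 2>/dev/null | grep -Eq 'DROP|REJECT'; then
        # Assumption: a DROP/REJECT in INPUT is worth a closer look with
        # iptables -L -n -v, as the first reply suggested.
        echo firewall
    else
        echo unknown
    fi
}
```

Run `diagnose_second_login` from the session that still works; if it prints `nologin`, the output of `login_blocked` shows the shutdown message, and the fix is simply to wait for the reboot (or `shutdown -c` to cancel it) rather than to change any rules.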
Martin Cooper <usenet@martinc.me.uk> wrote in message news:<gemini.3f0876e5011cc752%usenet@martinc.me.uk>...

....

> If this only occurs when your script has issued a shutdown command, then the
> man page has your answer. I quote:-
>
> "shutdown brings the system down in a secure way. All logged-in users are
> notified that the system is going down, and login(1) is blocked."
>
> Otherwise, you need to say what the script you run does exactly.

Thank you Martin - now iptables works just fine!!

- Achim