SUMMARY: TCP wrappers/SSH/HELP

From: Brian Laughton (brian@sprint.ca)
Date: Wed Aug 19 1998 - 09:00:53 CDT


        Thanks to all who responded ....

Bruce Bowler
Rich Pieri
Bismark Espinoza
Jim Roy
Patrick Gilbert
Dave McFerren
Jochen Bern

The soloution was :
Hosts.allow should have

        sshd sshdfwd-X11 : localhost 107.107.107. 107.107.108.

The problem was:

        I'm trying to configure SSH to forward X11 through a firewall, with
TCP wrappers on both machines. My client is on one class C address, the
server is on a different class C behind a firewall, which does not allow X
connections to pass through.

Software:
        SSH ver 1.2.25
        TCP_WRAPPERS ver 7.6
        Solaris 2.6
        Sparc 5 (client)
        Sparc 5 (server)

Scenario:
        I log into the clinet on the console.
        I ssh to the server
        My Display is set properly (server:10.0)
        When I start an xterm (or any other X program) I get the message

XIO: fatal IO error 131 (Connection reset by peer) on X server "server:14.0"
after 0 requests (0 known processed) with 0 events remaining.

        The client has the following message logged in /var/adm/messages.

Aug 18 12:50:15 client sshd[6784]: error: Fwd X11 connection from server
refused by tcp_wrappers.

file: hosts.allow on client & server
        SSH: LOCAL 107.107.107. 107.107.108.

file: hosts.deny on client & server
        ALL:ALL
        
NOTE:
        if I put
        ALL: LOCAL 107.107.107. 107.107.108. in hosts.allow on the client
everything works fine, but this is not an option.

----- Brian Laughton -----
Supreme Ruler of the UnKnown Universe



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:12:46 CDT