
connection

Status
Not open for further replies.

babeo

Technical User
Mar 30, 2000
398
CA
Hello,
I heard that there is some kind of security that won't allow connecting to a box (sorry, I don't understand it completely, or how it works), but there are some boxes that I want to connect to. I have the id/pwd and IP address, but I am unable to make a connection, although I try to connect from an existing machine (although I know it won't work because that IP is not set up in /etc/hosts, am I right?) or from a new telnet window.

How's that box set up and how can I connect? If I have root privilege?

Thanks
 
If you have the IP address, it doesn't need to be in [tt]/etc/hosts[/tt] to use it. You have to have a "route" from your machine to the IP address.

Assuming the IP address you want to get to is [tt]10.20.30.40[/tt], log onto the existing machine and try the following commands...
Code:
ping 10.20.30.40
traceroute 10.20.30.40
Remember to use the correct IP address. The [tt]ping[/tt] will tell you IF you can reach it from there. The [tt]traceroute[/tt] will give you a little more information about how you reach it. If one or both of the commands fail, you either need to change the configuration on the existing machine, the new machine, or the network between them. We would need more information to help beyond that.

If the commands work, you should be able to [tt]telnet[/tt] to that machine using the IP address (if it is set up to accept [tt]telnet[/tt] connections).

Hope this helps.
 
Thanks Sambones

ping : it's alive
traceroute: looks like it must do 5 hops before the 6th to reach this machine. As a result, can I say that if I log into any machine in the hop list above (the best being the machine in the last hop), I can connect to this machine? Or, as you said, do I need to set it up to accept telnet connections? Does the message below mean a denied telnet connection: "telnet: Unable to connect to remote host: Connection refused"?

Thanks
 
babeo;


When you try to telnet to the box do you get the login prompt?

If yes then your problem is that you are trying to telnet as root and your file to allow this is not properly set up.

You need to edit /etc/default/login as seen below:

# If CONSOLE is set, root can only login on that device.
# Comment this line out to allow remote login by root.
#
#CONSOLE=/dev/console

If you are trying to ftp you need to edit another file.

Solaris 8: you need to remove root from /etc/ftpusers

Solaris 9: you need to remove root from /etc/ftpd/ftpusers

It is not suggested to allow root login via telnet. You should set yourself up an account on the remote system.


thanks

CA

 
Try using [tt]ssh[/tt] instead of [tt]telnet[/tt]. See if you can...
Code:
ssh 10.20.30.40
Of course using the right IP address.
 
If you're getting "Connection refused" it must be able to reach the host, so it's not a network problem. My guess is that telnet is disabled on that system?

If you can log on to that system by some other method you can check by doing netstat -a | grep telnet. If you see a line like this, it is enabled:

[tt]tcp 0 0 *:telnet *:* LISTEN[/tt]

Annihilannic.
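
The distinction drawn in the post above ("Connection refused" means the host answered, so the network path is fine) can be checked with one TCP connection attempt. This is an added example, not part of the original thread; `classify_tcp` and `MEANING` are hypothetical names, and the "closed" verdict assumes the service runs behind an access list that accepts the connection before dropping it.

```python
import errno
import socket

# Verdict -> what it says about the remote side.
MEANING = {
    "open": "service is listening and talking; a failed login is an account/config issue",
    "closed": "handshake completed, then the peer hung up; consistent with a host ACL",
    "refused": "host is reachable but nothing accepts on that port, or a filter sent a reset",
    "timeout": "no answer at all; packets are dropped by a firewall or the route is broken",
    "unreachable": "no route to the host or network from this machine",
}

def classify_tcp(host, port=23, timeout=3.0):
    """Make one TCP connection attempt and return a key of MEANING."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
    except ConnectionRefusedError:
        return "refused"
    except socket.timeout:
        return "timeout"
    except OSError as exc:
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "unreachable"
        raise
    else:
        # Connected: a telnet server normally sends option negotiation at once.
        try:
            data = sock.recv(64)
        except socket.timeout:
            return "open"      # connected but silent; still a live listener
        except ConnectionResetError:
            return "closed"
        return "open" if data else "closed"
    finally:
        sock.close()

if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    verdict = classify_tcp(target)
    print(f"{target}:23 -> {verdict}: {MEANING[verdict]}")
```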
 
Thanks all for the replies.
I have tried all the suggestions above (from a telnet session on a machine) to the box I want, but I still cannot connect to the box?!:
- the #CONSOLE=/dev/console is the current setup on my box (since I cannot connect to the "restrict" box, I don't know how this line looks on there)
- I try the ssh command and get the "ksh: ssh: not found" message.
I then try to find the command "ssh", but get "find: cannot open /: Stale NFS file handle"!
- the last suggestion from Annihilannic I cannot do, because I cannot log in to the box, so maybe telnet is disabled on that system!

 
babeo;

So is this box located at a remote site?

If not then you need to go to that system and edit the file I mentioned.

If the OS is Solaris 9 you need to set up ssh in order to use it. To set up ssh you need to issue ssh-keygen on the systems and give them the same passphrase.



CA
 
Oh I see !!,
Thanks CA, I try my best to do whatever I can before my boss says that I did not try, but it is costly for me and him to fly me to that system just to make that small change, so I'll consider letting the tech there take care of the box. What happens to him or to the system, I don't want to think about, nor argue further with my boss, if they don't want to release access then!

The only thing still bugging me is that I still want to know what was changed (in what file system or else) that can prevent users from connecting to the system. I really want to apply that to some of my systems too.

Is there any file on the system where I can make that setup?

Thanks
 
babeo;

So this was a system that was running and you were able at one time to telnet in as root?

How to disable services below:

If you edit /etc/services and pound out the lines for telnet, ftp or anything else, then stop and start the inetd process, it will change access.

I don't know your OS, but if Solaris 9 you edit /etc/services. Start and stop inet services with the commands below.

run pkill -HUP inetd

Solaris 8

edit file

ps -ef | grep inetd

kill -HUP <processid>

thanks

CA


 
babeo;

Forgot to ask if this is an NFS server?
When you say people can't connect, do you mean to a shared filesystem?

Thanks

CA
 
You're absolutely right,
One day, I just found out that sometimes I can connect, another day I cannot, and then some days after that I cannot connect to it any more! Probably he is testing the setup above.

Anyway, with the setup above, will it still let someone log in (remotely, by telnet, or how?) or just locally? I am still dumb about this, because what happens with local users who need to query data from databases on this system? I know that is due to application-level and database-level controls, but I'm stuck with the OS issue!
Thanks
 
babeo;

My original post I asked if you get the login prompt when trying to telnet, do you or do you not get it?

If you edit the services you are shutting the ports off, so you will not be able to access it remotely.

As far as connecting to a share it could be due to a bunch of different factors.

1.) Sometimes the nfs service may be causing problems. It may require stopping and restarting the nfs server process.
/etc/init.d/nfs.server stop
/etc/init.d/nfs.server start
Or again you could use syntax similar to what I posted for the inetd process.

check out the below site

2.) Maybe the filesystem is experiencing problems such as timeouts. This would be hardware related. Check /var/adm/messages, messages.0 etc. for WARNINGS etc.

3.) Someone is screwing around with the system and messing with processes, files etc.

4.) Internet provider has poor service.

5.) I would check on patch levels on this system also. I did not look myself, but if you really want to solve this problem you need to look at all aspects.

Man I could think of a bunch of other things but above should be a good start.

Also have someone run a last on the system and look to see if there are any consistencies between login times of certain people and loss of access. You are going to need to start documenting when you can't get in and try to figure it out from there.

Where is the system located?

Thanks

CA
 
CA,
"My original post I asked if you get the login prompt when trying to telnet, do you or do you not get it?"
Yes, I have a telnet prompt and I could log in as root or another id. From yesterday's conversation with someone, I now know that some systems have this kind of system applied, and strictly for some users?! I think it just involves a political issue!

I don't think anything is wrong with the system, but probably they set up a log to monitor who logs into it, and probably when they see someone other than the desired users log in, they have to reapply the security again. I did log in a few times to this system just to compare its setup with my similar system here, but then one day I could not log in any more.

I am sitting on the Pacific coast and the system is on the Atlantic coast!

Thanks for all your help. I will try to do something here to see if someone complains about access. Hee hee
 
babeo;

You should get a login prompt when trying to telnet unless someone has shut off service to the telnet port; then you will not get the login prompt.

If this is behind a firewall they may be changing the settings on that. Then they would need to get your IP and set it up to allow access from that.

Any chance the system is in Florida? Long shot.

thanks

ca





 
It's also possible that access has been restricted to certain IP addresses using something like tcpwrappers.

Annihilannic.
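
How a TCP Wrappers restriction of the kind mentioned above decides who gets in, as an added example that is not part of the original thread. The rule text, addresses and the daemon name `in.telnetd` are constructed samples, the function names are hypothetical, and only a subset of the hosts_access(5) pattern syntax is handled (ALL, exact IP, trailing-dot prefix, net/mask).

```python
import ipaddress

# Constructed sample rules, in hosts.allow / hosts.deny syntax.
HOSTS_ALLOW = """\
# admin subnet may use telnet, one jump host may use anything
in.telnetd: 10.20.30.0/255.255.255.0
ALL: 192.168.5.10
"""
HOSTS_DENY = "ALL: ALL\n"

def rules(text):
    """Yield (daemon_list, client_list) for each rule line, skipping comments."""
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        fields = [f.strip() for f in line.split(":")]
        if len(fields) >= 2 and fields[0] and fields[1]:
            yield fields[0].replace(",", " ").split(), fields[1].replace(",", " ").split()

def client_matches(pattern, ip):
    """Match one client pattern against a dotted-quad client address."""
    if pattern == "ALL":
        return True
    if pattern.endswith("."):              # prefix form, e.g. "10.20."
        return ip.startswith(pattern)
    if "/" in pattern:                     # net/mask form
        return ipaddress.ip_address(ip) in ipaddress.ip_network(pattern, strict=False)
    return pattern == ip

def file_matches(text, daemon, ip):
    """True if any rule in the file names this daemon and this client."""
    for daemons, clients in rules(text):
        if ("ALL" in daemons or daemon in daemons) and any(
                client_matches(p, ip) for p in clients):
            return True
    return False

def access_allowed(daemon, ip, allow=HOSTS_ALLOW, deny=HOSTS_DENY):
    """Order of checks: a hosts.allow match grants, then a hosts.deny
    match refuses, and a client matching neither file is granted."""
    if file_matches(allow, daemon, ip):
        return True
    if file_matches(deny, daemon, ip):
        return False
    return True
```

With an empty hosts.deny every client is granted, which is why a restrictive setup ends with a catch-all deny rule.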
 