Remote access via ssh to Solaris 10 system

From: Michael Hannon (jmh@physics.ucdavis.edu)
Date: Mon Jan 14 2008 - 16:43:24 EST

• Next message: Andreas Höschler: "Summary: syslog not working in Solaris 10"
• Previous message: Compañía: "I´m trying to stress memory"
• Next in thread: Michael Hannon: "Re: Remote access via ssh to Solaris 10 system"
• Maybe reply: Michael Hannon: "Re: Remote access via ssh to Solaris 10 system"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Greetings. We have what you might call a "legacy" Sun Enterprise 450 in
our department. One of the professors here got the system from a group
that had retired the system. The professor in question wants to use the
system to do only two things:

    1. Provide shell login via ssh from remote sites

    2. Run a web server

We haven't seriously used Solaris in some time, but I thought it would
be prudent to install the latest version of Solaris if we're going to
have the machine on our network.

It was easy enough to get Solaris 10 installed. And during the
installation I was asked if I wanted to have only port 22 (ssh) open to
the world. I responded affirmatively, figuring we could work on port 80
at a later time.

The system is now up and running, and, indeed, ssh works just fine,
except that we can connect only from other systems on our LAN, not from
the "outside world". As the professor splits his time between our
department and a national lab, accepting connections from the outside
world is essential.

I thought that we might just have to make a simple change to some
firewall configuration, but I haven't been able to find anything to
corroborate that idea. There is nothing in the file:

    /etc/ipf/ipf.conf

for instance, and the command:

    ipf -T list

lists zeros for everything. Even more interesting, I guess, is:

    # svcs -a | grep -i pf
    disabled Jan_10 svc:/network/ipfilter:default

It would be possible to do application-level filtering with TCP
wrappers, but I can't find any evidence of TCP wrappers either (no
hosts.allow or hosts.deny files, for instance).

If you have any suggestions as to how we could make our Solaris system
accept ssh connections from everywhere, please let me know ASAP.

By the way, if you know of any good reference book for Solaris 10, I'd
like to hear about that as well. I found the following book at Amazon:
        
    Solaris 10: The Complete Reference (Complete Reference Series)
    by Paul Watters

which sounds ideal, but the book got terrible reviews by Amazon
customers.

Thanks.

                                        - Mike

-- 
Michael Hannon            mailto:hannon@physics.ucdavis.edu
Dept. of Physics          530.752.4966
University of California  530.752.4717 FAX
Davis, CA 95616-8677
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers

• Next message: Andreas Höschler: "Summary: syslog not working in Solaris 10"
• Previous message: Compañía: "I´m trying to stress memory"
• Next in thread: Michael Hannon: "Re: Remote access via ssh to Solaris 10 system"
• Maybe reply: Michael Hannon: "Re: Remote access via ssh to Solaris 10 system"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:42:40 EDT