hi

i do something verry stupit
i login with ssh on server and i put rules in hosts.deny ---> ALL: ALL
and in hosts.allow -->213.193.0.0/213.193.255.255
some how i cent login witch ssh -->ssh_exchange_indentification:connection
closed by remote host
and i be sure of the ips
so know some one how i can login and remove that damn lines?

thnks anyway

[ Post a follow-up to this message ]

On Sun, 14 Mar 2004 13:34:45 +0100 volkman wrote:

> hi
>
> i do something verry stupit
> i login with ssh on server and i put rules in hosts.deny ---> ALL: ALL
> and in hosts.allow -->213.193.0.0/213.193.255.255
> some how i cent login witch ssh -->ssh_exchange_indentification:connection
> closed by remote host
> and i be sure of the ips
> so know some one how i can login and remove that damn lines?
>
> thnks anyway

Boot into single user mode with "init=/bin/bash" as a kernel parameter.
Then you can edit /etc/hosts.deny.

Alexander


--
Alexander Dalloz | Enger, Germany
PGP key valid: made 13.07.1999
PGP fingerprint: 2307 88FD 2D41 038E 7416  14CD E197 6E88 ED69 5653

[ Post a follow-up to this message ]

"Alexander Dalloz" <alexander.dalloz@uni-bielefeld.de> schreef in bericht
news:pan.2004.03.14.17.14.07.542713@uni-bielefeld.de...
> On Sun, 14 Mar 2004 13:34:45 +0100 volkman wrote:
> 
ssh --> ssh_exchange_indentification:connection[
color=darkred] 
>
> Boot into single user mode with "init=/bin/bash" as a kernel parameter.
> Then you can edit /etc/hosts.deny.
>
> Alexander
>
>
> --
> Alexander Dalloz | Enger, Germany
> PGP key valid: made 13.07.1999
> PGP fingerprint: 2307 88FD 2D41 038E 7416  14CD E197 6E88 ED69 5653
>



hi

the server is not in my room .
I from europa and server is in amerika
than is it not easy to go single mode
is there another way ?

[ Post a follow-up to this message ]

volkman schrieb:
some how i cent login witch ssh -->ssh_exchange_indentification:connection
closed by remote host

what exactly happens here?
ssh -v user@remote.host

>
> hi
>
> the server is not in my room .
> I from europa and server is in amerika
> than is it not easy to go single mode
> is there another way ?

Is there any other daemon running that would allow remote connections (e.g.
telnet,  webmin ;-) , vnc, ftp  or an X-server etc.) ?
You should be able to find out with a portscan.

Peer


>
>

[ Post a follow-up to this message ]

"Peer Hebing" <hebing@duesseldorf.de> schreef in bericht
news:c32763$51o$1@news1.rz.uni-duesseldorf.de...
> volkman schrieb:
> some how i cent login witch ssh -->ssh_exchange_indentification:connection
> closed by remote host
>
> what exactly happens here?
> ssh -v user@remote.host

OpenSSH_2.9.9sp2, SSH.protocols 1.5/2.0,OpenSSL 0x009060f
debug1:reading configoration data /etc/ssh/ssh_config
debug1:Applying options for *
debug1:seeding random number generator
debug1:Rhosts Authentication disabled,orginating port with not be trusted
debug1:restore_uid
debug1:ssh_connect:getuid 0 geteuid 0 anon 1
debug1:conecting to x.x.x.x[x.x.x.x] port:22
debug1:temperaily_us_uid:0/0 (e=0)
debug1:restore_uid
debug1:temperaily_us_uid:0/0 (e=0)
debug1:restore_uid
debug1conection established
debug1read PEM private keydone: type DSA
debug1read PEM private keydone: type RSA
debug1:identity file /root/ssh/identity typ -1
debug1:identity file /root/ssh/id_rsa typ -1
debug1:identity file /root/ssh/id_dsa typ -1
ssh_exchange_indenfification:Connection clesed by remote host
debug1:calling cleanup 0x8066546(0x)

why will that not work for make a log file --> ssh -v root@x.x.x.x
>portlog.txt?

 
>
> Is there any other daemon running that would allow remote connections
(e.g.
> telnet,  webmin ;-) , vnc, ftp  or an X-server etc.) ?
> You should be able to find out with a portscan.



Starting nmap V. 2.54BETA22 ( www.insecure.org/nmap/ )
Interesting ports on  (x.x.x.x):
(The 1530 ports scanned but not shown below are in state: closed)
Port       State       Service
1/tcp      open        tcpmux
21/tcp     open        ftp
22/tcp     open        ssh
26/tcp     open        unknown
53/tcp     open        domain
80/tcp     open        http
111/tcp    open        sunrpc
143/tcp    open        imap2
443/tcp    open        https
993/tcp    open        imaps
995/tcp    open        pop3s
3306/tcp   open        mysql


Nmap run completed -- 1 IP address (1 host up) scanned in 13 seconds





>
> Peer
>
> 

[ Post a follow-up to this message ]

On Sun, 14 Mar 2004 23:41:41 +0100, volkman wrote:

> Starting nmap V. 2.54BETA22 ( www.insecure.org/nmap/ )
> 21/tcp     open        ftp

Try to ftp to the box using your username/password.  Then try to drop
into a shell using the bang command:

ftp>!/bin/bash

Good luck!

[ Post a follow-up to this message ]

"Tommy Reynolds" <TommyReynolds@yahoo.com> schreef in bericht
news:pan.2004.03.15.01.17.02.581056@yahoo.com...
> On Sun, 14 Mar 2004 23:41:41 +0100, volkman wrote:
> 
>
> Try to ftp to the box using your username/password.  Then try to drop
> into a shell using the bang command:
>
> ftp>!/bin/bash
>
> Good luck!
>


i try that.
but now is the server down and will not restart.
i have the root passw.
so i can login via apache but there come http page
i dont know how i can to the file edit hosts.deny for remove that line

have you any idea?

[ Post a follow-up to this message ]