VectorLinux

Please login or register.

Login with username, password and session length
Advanced search  

News:

Visit our home page for VL info. For support and documentation, visit the Vector Linux Knowledge Center or search the Knowledge Center and this Forum using the search box above.

Pages: [1] 2

Author Topic: SSH and WICD-CLIENT and strange shenanigans [SOLVED]  (Read 2156 times)

Rytz

  • Member
  • *
  • Posts: 64
SSH and WICD-CLIENT and strange shenanigans [SOLVED]
« on: February 24, 2010, 03:31:29 am »

Greetings:

This seems like a strange problem but I am a linux noob so it's highly possible I'm missing something simple.

Basically, when I log in as a standard user, I'm able to pull an IP and get on the internet fine.

In regards to SSH, however, I can only SSH to the machine from LOCALHOST (SSH'ing from the same machine to the same machine), not over the LAN or WAN from other computers.

Now, If I restart the network by using "WICD Network Manager" through KDE (or WICD-CLIENT from the command line) after logging in, the SSH problem will then be fixed and the world is safe once again.

I noticed that KDE is autostarting the WICD-CLIENT by using "/etc/xdg/autostart/wicd-tray.desktop".  I tried moving that out temporarily and starting the WICD service by adding it to he startup services for rc4 but that didn't help.  If KDE doesn't start WICD-CLIENT then the network doesn't work at all (completely dead).

Any thoughts?  I'm guessing I need to run some other network scripts since I'm trying to get the network working outside of KDE?  It seems like SSH should be working without having to log in to the desktop at all.

I also tried removing the startup file option for starting after the tray / panel (X-KDE-autostart-after=panel)  - no luck there.

Thanks much.
« Last Edit: March 04, 2010, 02:49:22 am by Rytz »
Logged
~ Rytz

M0E-lnx

  • Administrator
  • Vectorian
  • *****
  • Posts: 3217
Re: SSH and WICD-CLIENT and strange shenanigans...
« Reply #1 on: February 24, 2010, 08:10:12 am »

never heard of such a problem.

Which version of VL is this?
have you installed any special firewall program or rules after the installation?

Rytz

  • Member
  • *
  • Posts: 64
Re: SSH and WICD-CLIENT and strange shenanigans...
« Reply #2 on: February 24, 2010, 08:34:49 am »

never heard of such a problem.

Which version of VL is this?
have you installed any special firewall program or rules after the installation?

I'm running Vector Linux Light 6.0.  Haven't had any other significant issues except sound and those are resolved.

I haven't set up any firewill stuff that I know of.  I haven't seen the firewall script in init.d being called from any startup scripts in rc.d/rc# and I haven't seen it listed during the boot process.  Is the firewall automatically run by VL somewhere else?

In rc.M, I saw rc.paranoid being called.  I tried booting with the call to that script commented but I still have the same problem.

Thanks.
Logged
~ Rytz

nightflier

  • Administrator
  • Vectorian
  • *****
  • Posts: 4085
Re: SSH and WICD-CLIENT and strange shenanigans...
« Reply #3 on: February 24, 2010, 10:33:14 am »

I'm drawing a blank as well.

Did you add KDE to Light using gslapt?
It may be worth trying KDE-Classic instead, as it's a more tested, better known setup.
Logged

newt

  • Vectorian
  • ****
  • Posts: 1132
Re: SSH and WICD-CLIENT and strange shenanigans...
« Reply #4 on: February 24, 2010, 10:59:15 am »

I just tested a similar scenario to see if I could recreate the trouble. I too had a non connectivity issue arise when trying to connect to VL Light using SSH from another system but as it turns out it was the firewall on the other system causing the problem. As soon as I dropped the firewall on the other system I was able to ssh and ping the VL light system. Perhaps you're running into a similar situation? Can you ping your VL light system from another LAN system?
Logged

Rytz

  • Member
  • *
  • Posts: 64
Re: SSH and WICD-CLIENT and strange shenanigans...
« Reply #5 on: February 24, 2010, 11:53:52 am »

Thanks for the responses - much appreciated.

Did you add KDE to Light using gslapt?
Actually I might be using the wrong terminology for my GUI - I'm using whatever desktop GUI comes with Vector Light 6.

I just tested a similar scenario to see if I could recreate the trouble. I too had a non connectivity issue arise when trying to connect to VL Light using SSH from another system but as it turns out it was the firewall on the other system causing the problem. As soon as I dropped the firewall on the other system I was able to ssh and ping the VL light system. Perhaps you're running into a similar situation? Can you ping your VL light system from another LAN system?
Well from what I could tell the problem seems to be confined to the Vector Light box, since I could ping the Vector Light box IP from the LAN and WAN but I couldn't SSH to it.  The Vector Light box shares its IP with another laptop (windows) that doesn't have any network problems.  These machines are both behind a router that's already doing port forwarding (already configured for SSH port forwards on Vector Light).

I was talking to a friend of mine that is pretty familiar with linux and he thinks its an initial firewall setup issue.  He showed me the iptables list and thinks it might be initially "rejecting" everything except localhost on bootup - before I manually recreate the network with "wicd-client", which is when SSH magically starts accepting connections from the LAN and WAN.

The weird thing was that I tried commenting out the call to rc.paranoid and still had problems so I feel like there is another firewall hook somewhere - is rc.M the only script that runs rc.paranoid?  I grep'ed my entire drive and didn't find anything else.  Are there any other startup scripts that work with the firewall other than the standard "firewall" script?  Just looking for other hooks to check.

I have to wait till I get home to check more into this and try some stuff out.  If I reboot the system remotely I won't be able to get back in till I get home :).
« Last Edit: February 24, 2010, 11:55:43 am by Rytz »
Logged
~ Rytz

nightflier

  • Administrator
  • Vectorian
  • *****
  • Posts: 4085
Re: SSH and WICD-CLIENT and strange shenanigans...
« Reply #6 on: February 24, 2010, 12:16:10 pm »

The Vector Light box shares its IP with another laptop

Please describe how your network is set up, as in: do you have a DSL/Cable modem connected to a multi-port hub or some other configuration?
Logged

Rytz

  • Member
  • *
  • Posts: 64
Re: SSH and WICD-CLIENT and strange shenanigans...
« Reply #7 on: February 24, 2010, 12:37:06 pm »

The Vector Light box shares its IP with another laptop

Please describe how your network is set up, as in: do you have a DSL/Cable modem connected to a multi-port hub or some other configuration?

[DSL  Modem]
    --> [Router: standard 4 port wired + wireless (not used)]
         --> [Vector Light: Static Wired LAN IP: 192.168.1.10]
         --> [WinXP Laptop: Static Wired LAN IP: 192.168.1.11]

All ports are forward correctly.

If I boot up my Vector Light box, log in (through desktop or terminal), try to SSH to this same Vector Light box by using its LAN or WAN address, my connection attempt times out.

If I try something like:
Code: [Select]
ssh localhost
Code: [Select]
ssh 127.0.0.1
The SSH will work with the localhost addresses.  LAN or WAN addresses don't.  This applies to me using other machines to SSH to this Vector Light box as well, but obviously its not the same machine in those cases, so localhost doesn't apply.

This entire problem goes away once I force a reconnect to the wired network through the desktop WICD Network Manager (or wicd-client).

Hope this helps.  Does sound like a firewall issue to me the more I think about it.  When I get home tonight I'm going to reboot and take a look at "iptables --list" and see how it's configured right after a boot.  Hopefully it will say the policies are rejected so I can just figure out how to change the stored boot settings or find out what is setting them every time VL boots up.
« Last Edit: February 24, 2010, 12:40:55 pm by Rytz »
Logged
~ Rytz

M0E-lnx

  • Administrator
  • Vectorian
  • *****
  • Posts: 3217
Re: SSH and WICD-CLIENT and strange shenanigans...
« Reply #8 on: February 24, 2010, 02:11:00 pm »

What exactly are you tying at the command line to access your VL box via ssh?
you should be doing
Code: [Select]
ssh 192.168.1.10  (Ip per your post)
from a computer within your network. If the ssh server is running on the vl box, it should respond.

If it doesn't, find the firewall script, and do a
Code: [Select]
chmod -x on it and reboot.

If that doesn't work then I dont know what will and you should set the +x flag back on the firewall script.

Rytz

  • Member
  • *
  • Posts: 64
Re: SSH and WICD-CLIENT and strange shenanigans...
« Reply #9 on: February 24, 2010, 02:28:00 pm »

Thanks for the reply M0E - I'll try that on the scripts that I know of when I get home.

What are the possible "default" scripts included with the Vector Light distro?  I've seen "firewall" in "/etc/rc.d/init.d" and "rc.paranoid" in "/etc/rc.d".

What other stuff should I look out for?
Logged
~ Rytz

Rytz

  • Member
  • *
  • Posts: 64
Re: SSH and WICD-CLIENT and strange shenanigans...
« Reply #10 on: February 25, 2010, 02:25:09 am »

Did some more testing tonight but didn't have much luck.  In the end the problem still exists.

Some things I've tried:

  • Made rc.firewall, init.d/firewall, and rc.paranoid all non-runnable.  I don't see anything firewall-based starting up.
  • Made my own startup script (rc4) to ensure iptable was granting full open access to INPUT, OUTPUT, and FORWARD

Something I did notice, however, was that when I first open up the WICD Network Manager after booting to the GUI (to restart the network), it says on the status bar on the bottom of the window that I'm NOT connected.  It says this even though I am connected to the network and able to access the net.  So my network is being created but WICD is not seeing it?  Any thoughts?

Thanks.
« Last Edit: February 25, 2010, 02:27:11 am by Rytz »
Logged
~ Rytz

nightflier

  • Administrator
  • Vectorian
  • *****
  • Posts: 4085
Re: SSH and WICD-CLIENT and strange shenanigans...
« Reply #11 on: February 25, 2010, 05:26:33 am »

Well, even if we don't know why this is, we can try a workaround by getting wicd to load automatically and connect.

First step is to start the wicd daemon:
Click Menu > System > VASM System Administration > Super > Service > Srvset > 4 Graphichal user interface desktop > check the box for wicd > OK > Cancel until you're out.

Second, launch the client:
In your home folder, there is a hidden directory, .icewm (note the leading dot). Inside it is a file named startup. Add these two lines to the end of it:
Code: [Select]
sleep 3
wicd-client

Step by step terminal usage for editing the file:
Code: [Select]
mcedit ~/.icewm/startup
(edit the file)
press F2 to save
press F10 to exit

Reboot and see what happens.
Logged

M0E-lnx

  • Administrator
  • Vectorian
  • *****
  • Posts: 3217
Re: SSH and WICD-CLIENT and strange shenanigans...
« Reply #12 on: February 25, 2010, 04:24:01 pm »

I really think the iptables thing is too far. I have a network with 3 machines when 2 of them run vl and one runs windows. I never needed to Jack with iptables until I had to setup one of my Linux boxes as a router and file/print server. I don't see why you should need special rules in your iptables just for SSH access from within your LAN

newt

  • Vectorian
  • ****
  • Posts: 1132
Re: SSH and WICD-CLIENT and strange shenanigans...
« Reply #13 on: February 25, 2010, 06:32:29 pm »

Since you're using the wicd-client for configuring your network you need to make sure the wicd daemon is running upon boot so the client can establish the network connection without first requiring a physical login and manual initiation of the wicd-client.  Enabling this via 'vasm/super/service/srvset/your_init_level' is probably the easiest way.  I have a feeling the issues you're running into are related to the wicd daemon-to-client communication, but may very well be wrong.

Better yet, since you're VL system is in a permanent location with a static IP address you should set the system to configure the network without using wicd (daemon or client).  You should just be able to add the following commands to the appropriate startup script:
/sbin/ifconfig eth0 192.168.1.10 netmask 255.255.255.0 up
/sbin/route add default gw 192.168.1.1
Logged

Rytz

  • Member
  • *
  • Posts: 64
Re: SSH and WICD-CLIENT and strange shenanigans...
« Reply #14 on: February 27, 2010, 01:12:19 pm »

Thanks for the replies and help - I didn't have much time to screw around with this stuff on the later part of the week but I'm going to try these suggestions out tonight.  I'll post my results.  Thanks again!
Logged
~ Rytz
Pages: [1] 2