Solved

How to enable SSH access on a new installed centos 6.3 server

Posted on 2012-12-27
12
1,170 Views
Last Modified: 2012-12-28
I installed a new centos server locates on DMZ zone. When I tried to putty it from my desktop on LAN zone, it gives me "Network Error: connection refused" . I am guessing that i need do some configurations for the putty protocol although I have already set up network card configurations. Please advise, thank you. I use IP address on the putty, so there is no dns problem involved here.
0
Comment
Question by:Jason Yu
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 5
12 Comments
 
LVL 68

Accepted Solution

by:
woolmilkporc earned 500 total points
ID: 38724320
Allow port 22 (ssh) traffic to pass through your firewall.

Also, make sure that the ssh server daemon sshd is running on CentOS:

/etc/init.d/sshd start
chkconfig sshd on
0
 

Author Comment

by:Jason Yu
ID: 38724442
Great, it works now. Thank you very much, woolmilkporc.

But I can't go to internet, even after I disabled the inbuilt firewall.

Do I need check the policies on my cisco PIX 505E firewall?

I tried to ping google.com, it doesn't give me responds.
0
 
LVL 68

Assisted Solution

by:woolmilkporc
woolmilkporc earned 500 total points
ID: 38724595
Do you mean going to Internet (http) from CentOS?

If so, you must open port 80 on the firewall between the DMZ and the outside world for the CentOS host.

If you want to ping Internet hosts you must allow ICMP request/reply packets on that firewall.
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 

Author Comment

by:Jason Yu
ID: 38724618
thank you for update, bad thing is my firewall is a Cisco PIX 515E, it doesn't have a GUI setup on my company. I used sonicwall for many years and get accustomed to GUI interface.

If i want to enable GUI on this device, how could I do it? I googled on line and says there is an application called asdm can manage cisco firewall. Do I need install this program or just use the IE to manage it.

please refer my another post at http://www.experts-exchange.com/Security/Software_Firewalls/Enterprise_Firewalls/Cisco_PIX_Firewall/Q_27975801.html    for detail description of the issue, thank you.
0
 

Author Comment

by:Jason Yu
ID: 38724660
Yes, I do want to access internet from this CentOS machine. It looks like the firewall blocked the outgoing traffics. Since I can log onto the intranet without any problem.




Do you mean going to Internet (http) from CentOS?

If so, you must open port 80 on the firewall between the DMZ and the outside world for the CentOS host.

If you want to ping Internet hosts you must allow ICMP request/reply packets on that firewall.
0
 
LVL 68

Assisted Solution

by:woolmilkporc
woolmilkporc earned 500 total points
ID: 38724670
Try to get Pix Firewall/Device Manager (PDM).

http://www.cisco.com/cgi-bin/tablebuild.pl/pix

You'll need a CCO Login, however.
0
 

Author Comment

by:Jason Yu
ID: 38724743
I am sorry I don't have an account with Cisco, is there somewhere else I can download.

Or just use some commands on CLI to add some policies.

thank you.
0
 
LVL 68

Assisted Solution

by:woolmilkporc
woolmilkporc earned 500 total points
ID: 38724770
This is the CISCO CLI Configuration Guide:

http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/asacfg72.pdf

This guide applies to the Cisco PIX 500 series security appliances (PIX 515E, PIX 525, and PIX 535) and the Cisco ASA 5500 series security appliances (ASA 5505, ASA 5510, ASA 5520, ASA 5540, and ASA 5550).

And here is more about ASDM:

http://www.cisco.com/univercd/cc/td/doc/product/netsec/secmgmt/asdm/index.htm
0
 

Author Comment

by:Jason Yu
ID: 38724826
thank you very much, woolmikporc, I will update this afternoon. have a nice afternoon.
0
 

Author Comment

by:Jason Yu
ID: 38725179
Great, I made it working, I can use ASDM to mange my PIX 515e now. wonderful job. Thank you very much woolmilkporc. I really appreciate your help.

if I want to permit the server on DMZ access Internet, is one access rule enough for doing this. Or do I need create other rules.

thank you.
0
 
LVL 68

Assisted Solution

by:woolmilkporc
woolmilkporc earned 500 total points
ID: 38725271
Since the PIX 515 is a stateful firewall opening http (and https if needed) should be sufficient.
0
 

Author Closing Comment

by:Jason Yu
ID: 38727872
Good answers and solution.
0

Featured Post

Flexible connectivity for any environment

The KE6900 series can extend and deploy computers with high definition displays across multiple stations in a variety of applications that suit any environment. Expand computer use to stations across multiple rooms with dynamic access.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

1. Introduction As many people are interested in Linux but not as many are interested or knowledgeable (enough) to install Linux on their system, here is a safe way to try out Linux on your existing (Windows) system. The idea is that you insta…
In part one, we reviewed the prerequisites required for installing SQL Server vNext. In this part we will explore how to install Microsoft's SQL Server on Ubuntu 16.04.
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Suggested Courses

615 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question