Solved

How to enable SSH access on a new installed centos 6.3 server

Posted on 2012-12-27
12
1,168 Views
Last Modified: 2012-12-28
I installed a new centos server locates on DMZ zone. When I tried to putty it from my desktop on LAN zone, it gives me "Network Error: connection refused" . I am guessing that i need do some configurations for the putty protocol although I have already set up network card configurations. Please advise, thank you. I use IP address on the putty, so there is no dns problem involved here.
0
Comment
Question by:Jason Yu
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 5
12 Comments
 
LVL 68

Accepted Solution

by:
woolmilkporc earned 500 total points
ID: 38724320
Allow port 22 (ssh) traffic to pass through your firewall.

Also, make sure that the ssh server daemon sshd is running on CentOS:

/etc/init.d/sshd start
chkconfig sshd on
0
 

Author Comment

by:Jason Yu
ID: 38724442
Great, it works now. Thank you very much, woolmilkporc.

But I can't go to internet, even after I disabled the inbuilt firewall.

Do I need check the policies on my cisco PIX 505E firewall?

I tried to ping google.com, it doesn't give me responds.
0
 
LVL 68

Assisted Solution

by:woolmilkporc
woolmilkporc earned 500 total points
ID: 38724595
Do you mean going to Internet (http) from CentOS?

If so, you must open port 80 on the firewall between the DMZ and the outside world for the CentOS host.

If you want to ping Internet hosts you must allow ICMP request/reply packets on that firewall.
0
Containers and Docker for Everyone

Containers are an incredibly powerful technology that can provide you and/or your engineering team with huge productivity gains. Using containers, you can deploy, back up, replicate, and move apps and their dependencies quickly and easily.

 

Author Comment

by:Jason Yu
ID: 38724618
thank you for update, bad thing is my firewall is a Cisco PIX 515E, it doesn't have a GUI setup on my company. I used sonicwall for many years and get accustomed to GUI interface.

If i want to enable GUI on this device, how could I do it? I googled on line and says there is an application called asdm can manage cisco firewall. Do I need install this program or just use the IE to manage it.

please refer my another post at http://www.experts-exchange.com/Security/Software_Firewalls/Enterprise_Firewalls/Cisco_PIX_Firewall/Q_27975801.html    for detail description of the issue, thank you.
0
 

Author Comment

by:Jason Yu
ID: 38724660
Yes, I do want to access internet from this CentOS machine. It looks like the firewall blocked the outgoing traffics. Since I can log onto the intranet without any problem.




Do you mean going to Internet (http) from CentOS?

If so, you must open port 80 on the firewall between the DMZ and the outside world for the CentOS host.

If you want to ping Internet hosts you must allow ICMP request/reply packets on that firewall.
0
 
LVL 68

Assisted Solution

by:woolmilkporc
woolmilkporc earned 500 total points
ID: 38724670
Try to get Pix Firewall/Device Manager (PDM).

http://www.cisco.com/cgi-bin/tablebuild.pl/pix

You'll need a CCO Login, however.
0
 

Author Comment

by:Jason Yu
ID: 38724743
I am sorry I don't have an account with Cisco, is there somewhere else I can download.

Or just use some commands on CLI to add some policies.

thank you.
0
 
LVL 68

Assisted Solution

by:woolmilkporc
woolmilkporc earned 500 total points
ID: 38724770
This is the CISCO CLI Configuration Guide:

http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/asacfg72.pdf

This guide applies to the Cisco PIX 500 series security appliances (PIX 515E, PIX 525, and PIX 535) and the Cisco ASA 5500 series security appliances (ASA 5505, ASA 5510, ASA 5520, ASA 5540, and ASA 5550).

And here is more about ASDM:

http://www.cisco.com/univercd/cc/td/doc/product/netsec/secmgmt/asdm/index.htm
0
 

Author Comment

by:Jason Yu
ID: 38724826
thank you very much, woolmikporc, I will update this afternoon. have a nice afternoon.
0
 

Author Comment

by:Jason Yu
ID: 38725179
Great, I made it working, I can use ASDM to mange my PIX 515e now. wonderful job. Thank you very much woolmilkporc. I really appreciate your help.

if I want to permit the server on DMZ access Internet, is one access rule enough for doing this. Or do I need create other rules.

thank you.
0
 
LVL 68

Assisted Solution

by:woolmilkporc
woolmilkporc earned 500 total points
ID: 38725271
Since the PIX 515 is a stateful firewall opening http (and https if needed) should be sufficient.
0
 

Author Closing Comment

by:Jason Yu
ID: 38727872
Good answers and solution.
0

Featured Post

Building an interactive eFuture classroom

Watch and learn how ATEN provided a total control system solution including seamless switching matrix switch, HDBaseT extenders, PDU, lighting control to build an interactive eFuture classroom.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Linux users are sometimes dumbfounded by the severe lack of documentation on a topic. Sometimes, the documentation is copious, but other times, you end up with some obscure "it varies depending on your distribution" over and over when searching for …
You ever wonder how to backup Linux system files just like Windows System Restore?  Well you can use Timeshift in Linux to perform those similar action.  This tutorial will show you how to backup your system files and keep regular intervals. Note…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question