some of my ssh settings must be off, here. i can't "su" to root when logged in remotely using ssh via our private tunnel...?
== i've got two debian/potato firewalls running remote intranets -- one at home, say 1.2.3.4, and one at the office, say 2.4.6.8: at home i use 192.168.1.* for my intranet address space. at the office we use 10.1.1.*, and here's how we established the tunnel: # at home (public ip 1.2.3.4): ip tunnel add office \ local 1.2.3.4 remote 2.4.6.8 \ mode ipip ttl 32 ifconfig office \ 192.168.1.1 pointopoint 10.1.1.1 \ netmask 255.255.255.0 # at the office (public ip 2.4.6.8): ip tunnel add residence \ local 2.4.6.8 remote 1.2.3.4 \ mode ipip ttl 32 ifconfig residence \ 10.1.1.1 pointopoint 192.168.1.1 \ netmask 255.255.255.0 so now we can reach the residence computers from the office, and vice-versa, using our private ip addresses (192.168.1.*, 10.1.1.*). ...in theory. from 10.1.1.1 (office) i try to connect to the home net-- [EMAIL PROTECTED] $ ssh 192.168.1.1 The authenticity of host '192.168.1.1' can't be established. Key fingerprint is 1024 e5:c8:6f:f4:bb:a6:28:3f:7e:e1:c7:ae:2c:41:7a:74. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '192.168.1.1' to the list of known hosts. [EMAIL PROTECTED]'s password: and there it sits until ^C. but using the public address, all is well: [EMAIL PROTECTED] $ ssh 1.2.3.4 [EMAIL PROTECTED]'s password: Last login: Wed Mar 20 13:37:03 2002 from duo on pts/0 Linux residence 2.2.17 #1 Sun Jun 25 09:24:41 EST 2000 i586 unknown [EMAIL PROTECTED] $ i'd love to dianose that. but that's not the real kicker... here's the weird part -- when going from home to the office: [EMAIL PROTECTED] $ ssh 10.1.1.1 [EMAIL PROTECTED]'s password: Last login: Fri Mar 22 12:09:39 2002 from 192.168.1.1 on pts/1 Linux office 2.2.17 #1 Sun Jun 25 09:24:41 EST 2000 i586 unknown [EMAIL PROTECTED] $ su all seems well until i try to do 'su' which locks everything up. i haven't discovered a keystroke that'll break through -- i spawn a secondary rxvt (local) and kill the ssh process to free it up. (i also logged in via public remote ip at the office, and did su [successfully] and nosed around /proc/[pid-of-stuck-su] but it's all greek to me. /proc/<pid>/status included 'State: S (sleeping)' if that's significant.) i tried 'login' instead (where i'd failed at 'su') and got: [EMAIL PROTECTED] $ login root No utmp entry. You must exec "login" from the lowest level "sh" [EMAIL PROTECTED] $ ps afx [output trimmed] 263 ? S 0:27 /usr/sbin/sshd 30904 ? S 0:00 \_ /usr/sbin/sshd 30905 pts/1 S 0:00 \_ -bash 30912 pts/1 R 0:00 \_ ps afx but again, when i get in via the public addresses (from home-to- office, just as in office-to-home) all is right with the world: [EMAIL PROTECTED] $ ssh 2.4.6.8 [EMAIL PROTECTED]'s password: Last login: Fri Mar 22 12:11:27 2002 from 192.168.1.1 on pts/1 Linux office 2.2.17 #1 Sun Jun 25 09:24:41 EST 2000 i586 unknown [EMAIL PROTECTED] $ ps afx [output trimmed] 263 ? S 0:27 /usr/sbin/sshd 30915 ? S 0:00 \_ /usr/sbin/sshd 30916 pts/1 S 0:00 \_ -bash 30921 pts/1 S 0:00 \_ bash 30926 pts/1 R 0:00 \_ ps afx i don't know where to look. is this an sshd config thing? is pam doing her thing a bit too well? which lsof thingie will reveal the snag? will it be something in /proc that explains this? or is it a side-effect of some 'ip tunnel' config? any pointers are welcome -- thanks! -- I use Debian/GNU Linux version 2.2; Linux server 2.2.17 #1 Sun Jun 25 09:24:41 EST 2000 i586 unknown DEBIAN NEWBIE TIP #58 from Thomas Zimmerman <[EMAIL PROTECTED]> : Wondering HOW TO SET YOUR SYSTEM CLOCK? There's a true hardware clock on your computer's motherboard; at startup, it sets your system's software clock. To set your hardware clock use "hwclock" (apt-get install util-linux). Try the --localtime and --systohc options. (Or even take a look at --help.) Also see http://newbieDoc.sourceForge.net/ ...