On Sat, Mar 30, 2013 at 12:54 PM, SilverTip257 <silvertip257@xxxxxxxxx>wrote:
> On Fri, Mar 29, 2013 at 1:09 PM, zGreenfelder <zgreenfelder@xxxxxxxxx
> >wrote:
>
> > On Fri, Mar 29, 2013 at 12:37 PM, Pat Haley <phaley@xxxxxxx> wrote:
> > >
> > > Hi,
> > >
> > > Actually we're talking about both SSH and XDMCP X11 forwarding.
> > > Both seem to be currently disabled by the iptables.
> > >
> > > We'll try out what you suggest and get back with the results.
> > > Thanks.
> > >
> > > Pat
> >
> > iptables should have no effect (well. I guess if you do some really
> >
>
> Read the entire thread. The OP tested with firewall rules and then with fw
> off/flushed rules.
>
> He could run 'iptables -L -x' at the command line to get the counts of
dropped packets. If he does that twice, one before and once after testing
the differences will show which rules are being hit.
>
> > odd config settings it -could-, but that's a bit of an edge case) on
> > ssh X tunnels. check your /etc/ssh/sshd_config for
> > X11Forwarding
> > it should be set to yes. if you have iptables that apply to
> > localhost/127.0.0.0/8 network, then I suppose iptables could be part
> > of the problem. but I'd think it'd make sense to drop most all of
> > those rules.
> >
> > it might also be helpful to look at the output of from your external
> > machine when you run ssh -vvvv -X user@clusterhost (I wouldn't send it
> > all to the list, cuz it'll be a ton of nonsense, but the last page or
> > of output lines have helped me find issues in the past)
> >
> > ... or am I completely off in left field and you're saying you're
> > unable to ssh into your machines?
> > --
>
Cheers,
Cliff
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
