Failed none and iptables
Posted by Michael on Server Fault
Published on 2011-03-13T04:21:39Z
iptables | ubuntu-10.04
The problem is that when I ssh to my host with PuTTY and enter the user name, the password prompt is delayed. I found this is directly related to my iptables and can be solved by changing the default policy to ACCEPT. If the default INPUT policy is ACCEPT, then the password prompt comes immediately.
Mar 13 00:05:01 server-ubuntu sshd[6154]: Connection from 192.168.0.10 port 26304
Mar 13 00:05:06 server-ubuntu sshd[6154]: Failed none for acid from 192.168.0.10 port 26304 ssh2
However, if the default INPUT policy is DROP, I get a slight delay in getting the password prompt after I enter the username.
Mar 13 00:07:12 server-ubuntu sshd[6177]: Connection from 192.168.0.10 port 26333
Mar 13 00:07:35 server-ubuntu sshd[6177]: Failed none for acid from 192.168.0.10 port 26333 ssh2
For the second case, I tried to set the default policy for the FORWARD and OUTPUT chains to ACCEPT, but it didn't help. The only rule in this case is:
-A INPUT -i eth1 -m mac --mac-source 00:26:XX:XX:XX:XX -j ACCEPT
00:26:XX:XX:XX:XX is the MAC address from which I am trying to ssh to the server's LAN (eth1).
I'm sure there has to be some rule that I can use while the default INPUT chain policy is DENY in order to get the password prompt immediately. I realize that the error message in the log is something normal and part of some verification procedure.
© Server Fault or respective owner
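An added example, not part of the original post: a Python script that pairs each sshd "Connection from" line with the "Failed none" line from the same sshd PID and reports the seconds between them, so the effect of a firewall change on the prompt delay can be measured from the log. The function names, the 10-second threshold and the year 2011 (taken from the post date) are assumptions; the interval also includes the time spent typing the user name in the client.

```python
import re
from datetime import datetime

# The four sshd log lines quoted in the post above.
SAMPLE_LOG = """\
Mar 13 00:05:01 server-ubuntu sshd[6154]: Connection from 192.168.0.10 port 26304
Mar 13 00:05:06 server-ubuntu sshd[6154]: Failed none for acid from 192.168.0.10 port 26304 ssh2
Mar 13 00:07:12 server-ubuntu sshd[6177]: Connection from 192.168.0.10 port 26333
Mar 13 00:07:35 server-ubuntu sshd[6177]: Failed none for acid from 192.168.0.10 port 26333 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s+\d\d:\d\d:\d\d)\s+\S+\s+sshd\[(?P<pid>\d+)\]:\s+(?P<msg>.*)$")
CONNECT_RE = re.compile(r"^Connection from (?P<ip>\S+) port \d+")
NONE_RE = re.compile(r"^Failed none for (?:invalid user )?(?P<user>\S+) from ")


def auth_delays(log_text, year=2011):
    """Return (pid, client_ip, user, seconds) per session, in log order.

    seconds is the gap between the TCP connection being accepted and the
    first ("none") authentication attempt for that sshd PID.
    """
    pending = {}   # pid -> (connect time, client ip)
    results = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not an sshd line
        # Syslog timestamps carry no year, so one is supplied (assumption).
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        conn = CONNECT_RE.match(m["msg"])
        if conn:
            pending[m["pid"]] = (ts, conn["ip"])
            continue
        none = NONE_RE.match(m["msg"])
        if none and m["pid"] in pending:
            start, ip = pending.pop(m["pid"])
            secs = int((ts - start).total_seconds())
            results.append((m["pid"], ip, none["user"], secs))
    return results


def slow_sessions(log_text, threshold=10):
    """Sessions whose connect-to-auth gap exceeds threshold seconds."""
    return [r for r in auth_delays(log_text) if r[3] > threshold]


if __name__ == "__main__":
    for pid, ip, user, secs in auth_delays(SAMPLE_LOG):
        print(f"sshd[{pid}] {user}@{ip}: {secs}s from connection to first auth attempt")
```

Running it against the log before and after each rule change gives a per-session number to compare instead of a subjective impression of the prompt.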