[ubuntu-hardened] [refpolicy] Cannot use SSH with Refpolicy in Ubuntu Hardy

Justin P. Mattock justinmattock at gmail.com
Sun Sep 7 04:32:47 BST 2008


Hmm, a few days ago I was able to ssh into a machine that was in
permissive without any issues, except for making sure tcpwrappers were
set right (/etc/host.*); but couldn't get into the machine that was in
full enforcement (didn't spend too much time though); maybe xorg needs
adjusting. Anyways, check /etc/host.* aren't blocking anything,
as well as /etc/ssh/config is set right.

justin P. Mattock



On Sep 6, 2008, at 7:57 PM, Hong <kindloaf at gmail.com> wrote:

> Thanks for your reply, Justin.
>
> I just changed the line `SELINUX=enforcing` to `SELINUX=permissive`
> and rebooted the system.
>
> After reboot, I checked `getenforce` and it returned `permissive`.
>
> But still I cannot ssh to the machine remotely...
> After each try with a correct password, /var/log/message doesn't  
> grow but /var/log/audit/audit.log grows with one line.
> If I tried with an incorrect password, neither of the two log files  
> changed.
>
>
> Hong
>
> On Sat, Sep 6, 2008 at 10:18 PM, Justin P. Mattock <justinmattock at gmail.com> wrote:
> I know this might sound stupid, but
> check and make sure /etc/selinux/config is in permissive
> as well. E.g. a few months ago I couldn't boot, because of having
> that file in enforcing.
>
> justin P. Mattock
>
>
>
>
> On Sep 6, 2008, at 5:36 PM, Hong <kindloaf at gmail.com> wrote:
>
> Hi,
>
> I downloaded the source of refpolicy in Hardy (`apt-get source
> refpolicy`).  I compiled the policy and loaded it.  And then I
> rebooted the system in PERMISSIVE mode (added `enforcing=0` to the
> kernel options when booting).
>
> Now I cannot log in to the system remotely using ssh.  Note that the
> system is in PERMISSIVE mode! (`getenforce` returns `Permissive`.)
> Every time I tried `ssh my_host_name` and entered the correct password,
> the client side showed
> "Read from remote host my_host_name: Connection reset by peer
> Connection to my_host_name."
>
> And after each unsuccessful login, the /var/log/audit/audit.log file
> on the server added a line:
> "type=ANOM_ABEND msg=audit(1220746818.492:93): audit=4294967295  
> uid=1000 gid=1000 subj=system_u:system_r:sysadm_t pid=4713  
> comm="sshd" sig=6"
>
> By the way, when I use `make load` to load the policy, there is a  
> one-line error message
> '[19691.816572] secuirty; context system-u;system-r;sysadm-mail-t is  
> invalid'
>
> I am not quite familiar with the messages.  Can anyone help me to
> see what's going on?
>
>
> Thanks,
> Hong
>
>
>
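
An added example, not part of the thread: a small Python parser that pulls `ANOM_ABEND` (abnormal process end) records like the one quoted above out of audit.log text and names the signal that killed the process. The function names and the short Linux signal table are assumptions of this example; the first sample line is the record from the thread with the mail wrapping removed, the second is constructed.

```python
import re
from datetime import datetime, timezone

SAMPLE_LOG = (
    # Record quoted in the thread, rejoined onto one line.
    'type=ANOM_ABEND msg=audit(1220746818.492:93): audit=4294967295 '
    'uid=1000 gid=1000 subj=system_u:system_r:sysadm_t pid=4713 '
    'comm="sshd" sig=6\n'
    # Constructed record of another type, to show that the filter skips it.
    'type=USER_AUTH msg=audit(1220746817.100:92): pid=4710 uid=0 res=success\n'
)

# Signals that usually indicate a crash (Linux x86/ARM numbering, assumed here).
CRASH_SIGNALS = {4: "SIGILL", 6: "SIGABRT", 7: "SIGBUS", 8: "SIGFPE", 11: "SIGSEGV"}

HEADER = re.compile(r'^type=(\S+) msg=audit\((\d+)\.\d+:(\d+)\):\s*(.*)$')
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_record(line):
    """Split one audit.log line into type, UTC time, serial and key=value fields."""
    m = HEADER.match(line.strip())
    if not m:
        return None
    rtype, secs, serial, body = m.groups()
    fields = {k: v.strip('"') for k, v in FIELD.findall(body)}
    when = datetime.fromtimestamp(int(secs), tz=timezone.utc)
    return {"type": rtype, "time": when, "serial": int(serial), "fields": fields}

def abnormal_exits(log_text):
    """Summarise every ANOM_ABEND record found in the given log text."""
    found = []
    for line in log_text.splitlines():
        rec = parse_record(line)
        if rec is None or rec["type"] != "ANOM_ABEND":
            continue
        f = rec["fields"]
        signo = int(f.get("sig", "0"))
        found.append({
            "time": rec["time"].isoformat(),
            "serial": rec["serial"],
            "comm": f.get("comm"),
            "pid": int(f.get("pid", "0")),
            "subj": f.get("subj"),
            "signal": CRASH_SIGNALS.get(signo, "signal %d" % signo),
        })
    return found

if __name__ == "__main__":
    for hit in abnormal_exits(SAMPLE_LOG):
        print(hit)
```
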