Netgate Discussion Forum

PFSense blocking SSH access

35 Posts 7 Posters 9.8k Views
  • J
    jolebole
    last edited by Sep 6, 2015, 6:48 PM

    @doktornotor:

    Well, whatever it is, I'd re-apply latest 2.2.4 upgrade to get same permissions everywhere.

    Upgrading to 2.2.4 fixed the problem. I can ssh as root now. :)

    • D
      Derelict LAYER 8 Netgate
      last edited by Sep 6, 2015, 6:52 PM

      All releases have bugs, including the current version 2.2.4 which you are recommending people to upgrade to, these bugs are currently unknown bugs or zero days, until reported and are patched in 2.2.5 or later versions.

      So get over the fact that's the name of the game, it's a moving target. It's what makes or breaks sloppy firewalls and internet security practices leaving users exposed. :D

      OP should be using 2.2.4. Chances are his /etc got corrupted by the 2.2 sync mistakes that were corrected in 2.2.3 and enhanced in 2.2.4. The nano problem is slow writes. As I understand it, the /etc corruption is not nano-specific, but due to the slow writes and the misguided speedup method in 2.2.2 and older, nano was more susceptible.

      I know I experienced it testing failover by removing power on APUs with full-install mSATA on good Intel drives from Netgate.

      Chattanooga, Tennessee, USA
      A comprehensive network diagram is worth 10,000 words and 15 conference calls.
      DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
      Do Not Chat For Help! NO_WAN_EGRESS(TM)

      • J
        jolebole
        last edited by Sep 6, 2015, 6:58 PM

        @Derelict:

        All releases have bugs, including the current version 2.2.4 which you are recommending people to upgrade to, these bugs are currently unknown bugs or zero days, until reported and are patched in 2.2.5 or later versions.

        So get over the fact that's the name of the game, it's a moving target. It's what makes or breaks sloppy firewalls and internet security practices leaving users exposed. :D

        OP should be using 2.2.4. Chances are his /etc got corrupted by the 2.2 sync mistakes that were corrected in 2.2.3 and enhanced in 2.2.4. The nano problem is slow writes. As I understand it, the /etc corruption is not nano-specific, but due to the slow writes and the misguided speedup method in 2.2.2 and older, nano was more susceptible.

        I know I experienced it testing failover by removing power on APUs with full-install mSATA on good Intel drives from Netgate.

        Lesson learned. I will be updating to the latest releases as soon as they come out now.

        • D
          Derelict LAYER 8 Netgate
          last edited by Sep 6, 2015, 7:12 PM

          It's just that telling someone to not update to the latest version because there might be a zero day is nonsense.

          • F
            firewalluser
            last edited by Sep 6, 2015, 7:56 PM

            @Derelict:

            It's just that telling someone to not update to the latest version because there might be a zero day is nonsense.

            But you'll note if you read carefully what I put, I have not told someone to NOT update to the latest version, but I have provided a way to find out what the problem might be if so inclined to do so for peace of mind, not to mention it being an educational exercise as it's assumed at this stage to be the /etc bug.

            However on the laws of probability would you like to wager there are no zero days in 2.2.4? ;D

            Capitalism, currently The World's best Entertainment Control System and YOU can't buy it! But you can buy this, or some of this or some of these

            Asch Conformity, mainly the blind leading the blind.

            • J
              johnpoz LAYER 8 Global Moderator
              last edited by Sep 6, 2015, 8:09 PM

              I agree the odds that the OP issue was because of a compromise what what?? More likely hit by lightning hit the power ball, and the mega millions while you bought 10 winning scratch offs in a row??

              It's great and all that your tinfoil hat is 2 sizes too small for you and the NSA has a detail just to trail you.. But the rest of us live in the real world ;)

              An intelligent man is sometimes forced to be drunk to spend time with his fools
              If you get confused: Listen to the Music Play
              Please don't Chat/PM me for help, unless mod related
              SG-4860 24.11 | Lab VMs 2.8, 24.11

              • F
                firewalluser
                last edited by Sep 7, 2015, 6:43 AM

                @johnpoz:

                I agree the odds that the OP issue was because of a compromise what what?? More likely hit by lightning hit the power ball, and the mega millions while you bought 10 winning scratch offs in a row??

                It's great and all that your tinfoil hat is 2 sizes too small for you and the NSA has a detail just to trail you.. But the rest of us live in the real world ;)

                Why do you attack your users for suggesting a way for other users to educate themselves and have peace of mind over what they use? Do you like keeping your users dumb?

                I mentioned the NSA as it's a good level to aim for, because they have only had a few major leaks in recent times, the most notable being Snowden.

                So if you can lock your systems down to a level beyond their capabilities including the legal ones, then I'd say you have a reasonably secure system because who wants to let their IT equipment become involved in hacking attacks on things like this? https://cryptome.org/2015/09/nnsa-iranian-target.htm

                The NSA are a finite resource and there are certainly less of them than the rest of the world so a little bit of education can go a long long way. You do the odds. ;D

                • D
                  doktornotor Banned
                  last edited by Sep 7, 2015, 7:24 AM

                  Yeah, sure like hell NSA is so lame to cut themselves off SSH by screwing up permissions in retarded way.

                  • F
                    fragged
                    last edited by Sep 7, 2015, 8:37 AM

                    @firewalluser:

                    The NSA are a finite resource and there are certainly less of them than the rest of the world so a little bit of education can go a long long way. You do the odds. ;D

                    Please stop bringing NSA into every thread. Keep the roll of tinfoil all to yourself. Thanks.

                    • F
                      firewalluser
                      last edited by Sep 7, 2015, 9:17 AM

                      @fragged:

                      @firewalluser:

                      The NSA are a finite resource and there are certainly less of them than the rest of the world so a little bit of education can go a long long way. You do the odds. ;D

                      Please stop bringing NSA into every thread. Keep the roll of tinfoil all to yourself. Thanks.

                      So when all other arguments have been lost, all you can revert to is the suggestion of tinfoil hats et al?

                      If people don't value privacy, they must be exhibitionists.

                      @doktornotor:

                      Yeah, sure like hell NSA is so lame to cut themselves off SSH by screwing up permissions in retarded way.

                      So pfsense screwed up permissions in a retarded way then? Doesn't inspire pfsense users with confidence does it?

                      • D
                        doktornotor Banned
                        last edited by Sep 7, 2015, 10:16 AM

                        @firewalluser:

                        So pfsense screwed up permissions in a retarded way then?

                        Yeah. It's been a fucking bug with filesystem corruption. Fixed. Hard to miss, but maybe you've been abducted by aliens meanwhile, or busy shopping for more tinfoil… ::)

                        • J
                          johnpoz LAYER 8 Global Moderator
                          last edited by Sep 7, 2015, 11:23 AM

                          But was it a bug that the NSA planted to thwart further adoption of pfsense and increased development while they worked on the bug?? Hmmm makes you wonder ;) ROFL..

                          Oh hold on those black helicopters are out there again..

                          • F
                            firewalluser
                            last edited by Sep 8, 2015, 7:06 AM

                            Why are you lot even suggesting the NSA planted the bug? Geez you guys are worse than I thought.

                            The NSA will exploit bugs where possible though when programmers make mistakes, they even buy some of the zero days from online hacking forums.
                            https://www.washingtonpost.com/news/the-switch/wp/2013/08/31/the-nsa-hacks-other-countries-by-buying-millions-of-dollars-worth-of-computer-vulnerabilities/

                            The NSA are actively supporting Hackers by outbidding other countries, they need people's stupidity to exist.

                            • D
                              doktornotor Banned
                              last edited by Sep 8, 2015, 8:11 AM

                              No one here was suggesting that NSA had anything to do with it. You just yet again ruined another thread with your conspiracy theories. Perhaps, if you think about it for a while, no "hacker" will mess up permissions in a way that he gets cut off the shell… Christ.

                              • F
                                firewalluser
                                last edited by Sep 8, 2015, 8:24 AM

                                Read carefully what exactly I put and quote me if you can where I have associated these problems to the NSA.

                                In the meantime enjoy paying your tax dollars to fund the terrorists! ;D
