SSH security question
John Chambers
jc at trillian.mit.edu
Tue Mar 27 12:07:47 EST 2001
| For those of you that use ssh to connect to their machines at home from
| elsewhere, do you have your firewall set up to accept ssh from anywhere,
| or only from where you usually use it, like work?
Well, I've been trying to set it up to accept ssh connections from
anywhere, but so far it accepts connections from nowhere. I'm not
getting too far digging the info out of TFM and TFFAQ ...
In case anyone knows where I should be looking, here's what it wrote
to the /var/log/messages file on my last attempt:
Mar 27 11:55:42 kendy sshd[3627]: Received signal 15; terminating.
Mar 27 11:56:20 kendy sshd[4323]: Server listening on 0.0.0.0 port 22.
Mar 27 11:56:20 kendy sshd[4323]: Generating 768 bit RSA key.
Mar 27 11:56:20 kendy sshd[4323]: RSA key generation complete.
Mar 27 11:56:38 kendy sshd[4329]: Connection from 18.62.1.54 port 1002
Mar 27 11:56:38 kendy sshd[4329]: Failed rsa for jc from 18.62.1.54 port 1002
Mar 27 11:56:46 kendy sshd[4329]: Failed password for jc from 18.62.1.54 port 1002
Mar 27 11:56:58 kendy last message repeated 2 times
Mar 27 11:56:58 kendy sshd[4329]: Connection closed by 18.62.1.54
Mar 27 11:56:58 kendy sshd[4329]: Cannot close PAM session[4]: System error
I sorta suspect that the "Failed rsa for ..." message is the critical
one. I don't have a clue about what's failing here, or how to make it
stop failing. Using "ssh -v" on the client end doesn't give any info
other than "Connection refused", which isn't very informative. The
client side in this case is also running OpenSSH (OpenSSH_2.2.0,
protocol versions 1.5/2.0). But I'll keep digging. I don't really
like the idea of being forced to use telnet for such things.
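Added example, not part of the original post: a short Python pass over the sshd lines quoted above that groups them by sshd process ID and counts failed attempts per authentication method. It treats syslog's "last message repeated N times" line as N more copies of the line before it, and the names LOG and summarize are this example's own.

```python
import re

# Log lines copied from the post above (sshd entries from /var/log/messages).
LOG = """\
Mar 27 11:55:42 kendy sshd[3627]: Received signal 15; terminating.
Mar 27 11:56:20 kendy sshd[4323]: Server listening on 0.0.0.0 port 22.
Mar 27 11:56:20 kendy sshd[4323]: Generating 768 bit RSA key.
Mar 27 11:56:20 kendy sshd[4323]: RSA key generation complete.
Mar 27 11:56:38 kendy sshd[4329]: Connection from 18.62.1.54 port 1002
Mar 27 11:56:38 kendy sshd[4329]: Failed rsa for jc from 18.62.1.54 port 1002
Mar 27 11:56:46 kendy sshd[4329]: Failed password for jc from 18.62.1.54 port 1002
Mar 27 11:56:58 kendy last message repeated 2 times
Mar 27 11:56:58 kendy sshd[4329]: Connection closed by 18.62.1.54
Mar 27 11:56:58 kendy sshd[4329]: Cannot close PAM session[4]: System error
"""

SSHD = re.compile(r"^\w{3} +\d+ [\d:]+ \S+ sshd\[(\d+)\]: (.*)$")
REPEAT = re.compile(r"^\w{3} +\d+ [\d:]+ \S+ last message repeated (\d+) times?$")
FAILED = re.compile(r"^Failed (\S+) for (\S+) from (\S+) port \d+")
CONNECT = re.compile(r"^Connection from (\S+) port \d+")

def summarize(log_text):
    """Return {pid: {"source", "user", "failures": {method: count}}} per connection."""
    sessions = {}
    last_failure = None  # (pid, method) when the previous line was a failed attempt
    for line in log_text.splitlines():
        repeat = REPEAT.match(line)
        if repeat:
            # syslog collapses identical consecutive messages; credit them back.
            if last_failure:
                pid, method = last_failure
                sessions[pid]["failures"][method] += int(repeat.group(1))
            continue
        last_failure = None
        entry = SSHD.match(line)
        if not entry:
            continue
        pid, msg = int(entry.group(1)), entry.group(2)
        connect, failed = CONNECT.match(msg), FAILED.match(msg)
        if connect:
            sessions[pid] = {"source": connect.group(1), "user": None, "failures": {}}
        elif failed:
            method, user, source = failed.groups()
            s = sessions.setdefault(pid, {"source": source, "user": None, "failures": {}})
            s["user"] = user
            s["failures"][method] = s["failures"].get(method, 0) + 1
            last_failure = (pid, method)
    return sessions
```

Calling summarize(LOG) yields a single connection, handled by sshd process 4329, with one failed rsa attempt and three failed password attempts for user jc.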