When trying to SSH over the Ethernet cable with the following setup:
- Legato version is 16.10.0 or newer
- The Ethernet port is powered on and all the LED lights are on
- Able to ping eth0’s IP address
Yet unable to successfully connect to the session, it means that the Legato framework update has disabled the ability to SSH through any network interface other than usb0. This has been done through a few IPTable rules which were added, to force drop all SSH traffic from all interfaces except usb0. To my understanding, this setting has been added temporarily to further increase security.
In order to change this setting, the rule configuration can be found in rules.v4 and rules.v6. Use the vi text editor
vi /etc/iptables/rules.v4
And modify the default configuration to enable eth0 and disable usb0 by removing the comment on the eth0 line and commenting out the usb0 line, as follows:
# Generated by iptables-save v1.4.21
*filter
:INPUT ACCEPT [65:13163]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [15:3656]
# The following line disables ssh over all interfaces other than usb0.
# To enable ssh on a different interface, replace ‘usb0’ with other
# interface’s name, e.g.:
-A INPUT ! -i eth0 -p tcp -m tcp --dport 22 -j DROP
# -A INPUT ! -i usb0 -p tcp -m tcp --dport 22 -j DROP
COMMIT
Exit the vi text editor by typing :wq! and follow the same procedure by changing the configuration in rules.v6.
vi /etc/iptables/rules.v6
Note: With the current Legato firmware version 16.10.1, you can only have one interface enabled at any one time. Overall, it will come down to the decision weather you want to SSH over Ethernet or USB.
All this information was found at: http://legato.io/legato-docs/latest/basicTargetConfigIPethEnable.html
#Wavefront #WP8548 #CF3