sshd and PuTTY and Windows firewall

public inbox for cygwin@cygwin.com
 help / color / mirror / Atom feed

From: mike <mikereape@onetel.com>
To: "cygwin@cygwin.com" <cygwin@cygwin.com>
Subject: sshd and PuTTY and Windows firewall
Date: Sat, 07 Jan 2017 19:06:00 -0000	[thread overview]
Message-ID: <c02dd764-289a-af6f-2bfb-6f3f67edcfb7@onetel.com> (raw)

Hi

First I'm using the Windows firewall in Windows 7 on a laptop and it is 
switched on.

I'm not sure whether this is a Cygwin question or not but I don't know 
where else to ask and it's driving me nuts.  If I use the PuTTY app to 
connect to 192.168.1.100 it connects (where 192.168.1.100 is the local 
address behind and through my router). (Using Cygwin ssh 192.168.1.100 
fails because of host key problems but that's a different issue.)  So 
surely (he says) if I can use PuTTY to connect to the Cygwin sshd server 
at 192.168.1.100 then the connection is routed through my router and is 
not local to the machine as in loopback with ssh localhost in that 
sense.  However if I open the Windows Firewall with Advanced Security 
dialogue I cannot find any Windows firewall inbond rules that allow 
Cygwin SSH through (or anything similar).  The domain, private and 
public profiles all say "Inbound connections that do not match a rule 
are blocked".  Therefore the inbound connection through my router should 
be blocked.

I'm worried that I might have a security hole somewhere.  I don't want 
sshd open to the world just local to other machines on my local network 
(behind the router).  This is a concern because since the machine is a 
laptop I might connect to the net with wifi in a coffee shop for example.

Can someone give me a clue as to what's going on please?  What am I 
looking for?  i'm sure I must just be missing the obvious.

Thanks very much in advance

Mike

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

                 reply	other threads:[~2017-01-07 19:06 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=c02dd764-289a-af6f-2bfb-6f3f67edcfb7@onetel.com \
    --to=mikereape@onetel.com \
    --cc=cygwin@cygwin.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).