Re: sshd security
From: Peter Jeremy (PeterJeremy_at_optushome.com.au)
Date: 09/25/04
- Previous message: Steve Shorter: "Re: sharing /etc/passwd"
- In reply to: Derek Ragona: "Re:sshd security"
- Next in thread: Dag-Erling Smørgrav: "Re: sshd security"
- Reply: Dag-Erling Smørgrav: "Re: sshd security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 26 Sep 2004 06:38:33 +1000 To: Derek Ragona <derek@computinginnovations.com>
On Fri, 2004-Sep-24 08:22:12 -0500, Derek Ragona wrote:
>I tried to implement a similar scheme in my hosts.allow on a FreeBSD 5.2.1
>server. But when I try to test it from an IP outside my LAN, it still
>allows ssh logins. I even put in a line in hosts.allow to explicitly deny
>the IP I was ssh'ing from, but it still let me in. The behavior gives the
>appearance that TCP wrappers are not enabled, and thus the /etc/hosts.allow
>file is ignored.
>
>Is there something I need to do to enable the wrappers in sshd? I saw that
>there is a compile option for the portable source from openssh.org, so I
>wonder if there is some compile option that needs to be enabled in
>make.conf?
Depending on how TCP wrappers are integrated into SSH, one possibility
is that you need /var/empty/etc/hosts.{allow,deny}
-- Peter Jeremy _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
- Previous message: Steve Shorter: "Re: sharing /etc/passwd"
- In reply to: Derek Ragona: "Re:sshd security"
- Next in thread: Dag-Erling Smørgrav: "Re: sshd security"
- Reply: Dag-Erling Smørgrav: "Re: sshd security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
