RE: Using wrappers w/ssh
From: Baker, Darryl (Darryl.Baker_at_gedas.com)
Date: 09/30/04
- Previous message: harry: "Re: Blocking ssh but not sftp/scp"
- Maybe in reply to: Bill Edison: "Using wrappers w/ssh"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "'secureshell@securityfocus.com'" <secureshell@securityfocus.com> Date: Thu, 30 Sep 2004 12:11:52 -0400
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I have a related question:
I never run sshd out of inetd. I've always run it as a standalone
daemon. Can this be done?
_____________________________________________________________________
Darryl Baker
gedas USA, Inc.
Operational Services Business Unit
3800 Hamlin Road
Auburn Hills, MI 48326
US
phone +1-248-754-5341
fax +1-248-754-6399
Darryl.Baker@gedas.com
http://www.gedasusa.com
_____________________________________________________________________
> -----Original Message-----
> From: Bill Edison [mailto:edison@newpaltz.edu]
> Sent: Thursday, September 30, 2004 7:47 AM
> To: secureshell@securityfocus.com
> Subject: Re: Using wrappers w/ssh
>
>
>
> Thanks to everyone who replied to my first post. I went ahead and
> installed it on my test machine,
> this is AIX 5.1, with the only config parameter being
> --with-tcp-wrappers. It seemed to configure,
> compile and install without a problem, as did the 4 or 5 or 6
> included
> verification modules. I'm probably making a
> conceptual mistake here, but I've tried using both methods to run
> it- (1) changing inetd to point to tcpd
> instead of the original routine and (2) moving the real routines
> (ftpd...etc.) into another sub directory
> and replacing them with renamed tcpd modules. Regardless of
> the method
> or restrictions in hosts.deny
> it grants access to anyone and any service. At least it's not
> picky. I
> finally set hosts.deny to deny anything
> to anyone and it still grants all services to anyone. But running
> tcpdmatch and/or tcpdchk yields the correct
> action/information. I thought maybe it was picking up an
> obscure module
> maybe from a different folder
> so I tried renaming/removing tcpd. This resulted in a failed
> connection
> so at least it's sending packets to
> the right place and, using the correct code. It acts as if it's
> not seeing hosts.deny. The permissions look ok on this,
> so it just grants access. Is there a way to find out what's going
> on here? Where am I going wrong?
>
> tks,
> Bill Edison
>
>
> >Anyone using tcpwrappers with ssh? We're running a RISC 6000 w/AIX
> > 5.2002 Just wondering
> >about any problems/quirks.
>
> Hope the weekend was good,
> cheers,
> Bill Edison
>
> >
> >
>
>
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Security 7.0.3
iQA/AwUBQVwwSVe1Bhkj9lZeEQKU7QCg/M5NS8B339Q0m2L9Mwou6VpIV5kAnR86
xLp2ZLhY/YdBGo1qyBZYHmdY
=Hkum
-----END PGP SIGNATURE-----
- application/octet-stream attachment: Baker__Darryl.vcf
- Previous message: harry: "Re: Blocking ssh but not sftp/scp"
- Maybe in reply to: Bill Edison: "Using wrappers w/ssh"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
