Re: "host.deny" : very certain question for this function
From: Alias (dev_at_null.com)
Date: 04/15/05
- Previous message: Paul Lesiak: "Re: keeping tunnel open"
- In reply to: Klaus Lehmann: ""host.deny" : very certain question for this function"
Date: Fri, 15 Apr 2005 00:20:07 GMT
Klaus Lehmann wrote:
> I'm not sure that my construction would work.
> If there would be friendly people to have a closer look on this subject.
> thanx.
>
>
> 'have installed OpenSSH_3.9p1, OpenSSL 0.9.7d 17 Mar 2004 on linux
> (suse9.0)
>
> sshd_config with: protocol 2 and banner .....
>
>
> there's a hosts.deny with:
> http-rman : ALL EXCEPT LOCAL
> sshd: @hosts.deny_list: spawn (echo attempt from %h %a to %d at $(date)
> >> /var/log/deny.log)
>
>
> and the big list "hosts.deny_list". this list contains 175 lines, with
> ip-numbers, which I have caught, they were intruders (not really) on my
> system.
>
> does this work?
> I have no entry in normal log_file (sshd_config: LogLevel INFO) and NONE
> in special logfile (see above: /var/log/deny.log)
>
> I don't know anymore.
> Who can help?
I didn't realize that you have an @filename construct. What
about something like this instead:

hosts.allow:
    sshd: ALL EXCEPT /path/to/hosts.deny_list

hosts.deny:
    sshd: ALL: spawn (echo attempt from %h %a to %d at $(date) \
        >> /var/log/deny.log) : DENY

These lines would fail to allow everyone in the hosts.deny_list,
then would run them through the spawned command (logging the attempt), then
would deny them access.
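
The evaluation order described in the reply above, modelled as an added example (not code from the original post or from tcp_wrappers itself): hosts.allow is searched first, and only clients that fail to match it reach the hosts.deny rule, which logs and refuses. The deny-list contents, the function names and the simplified pattern matching are assumptions made for illustration.

```python
import ipaddress

# Constructed sample contents for /path/to/hosts.deny_list (documentation
# address ranges): whitespace-separated address patterns.
DENY_LIST = """\
192.0.2.15
198.51.100.0/255.255.255.0   203.0.113.
"""

def pattern_matches(pattern, addr):
    """Match one client address against one hosts_access(5) address pattern."""
    if pattern == "ALL":
        return True
    if pattern.endswith("."):      # leading-octets form, e.g. "203.0.113."
        return addr.startswith(pattern)
    if "/" in pattern:             # net/mask form
        return ipaddress.ip_address(addr) in ipaddress.ip_network(pattern)
    return pattern == addr         # exact address

def listed(file_text, addr):
    """True if addr matches any pattern found in a pattern file."""
    return any(pattern_matches(p, addr) for p in file_text.split())

def evaluate(addr, log, daemon="sshd"):
    """Return 'allow' or 'deny' for one sshd connection; append to log on deny."""
    # 1. hosts.allow is searched first: sshd: ALL EXCEPT /path/to/hosts.deny_list
    if not listed(DENY_LIST, addr):
        return "allow"
    # 2. No allow match, so the hosts.deny rule applies: the spawn command
    #    logs the attempt, then access is refused. %h is shown here as the
    #    address, which is what is used when no host name is available.
    log.append(f"attempt from {addr} {addr} to {daemon}")
    return "deny"

if __name__ == "__main__":
    deny_log = []
    for client in ["192.0.2.15", "192.0.2.150", "198.51.100.77", "203.0.113.9"]:
        print(client, evaluate(client, deny_log))
    print(deny_log)
```

On a host with the tcp_wrappers utilities installed, tcpdmatch can be run against the real hosts.allow and hosts.deny files to confirm the same decision for a given daemon and client address.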