[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian openssh option review: considering splitting out GSS-API key exchange



Am Di, Apr 02, 2024 at 13:30:43 +0200 schrieb Marc Haber:
from being vulnerable to the current xz-based attack. Just having to
dump an ALL: ALL into /etc/hosts.deny is vastly easier than having to
maintain a packet filter.

Stupid question, but if you put „ALL: ALL” into hosts.deny, couldn’t you stop the ssh daemon instead? ALL: ALL will block your ssh access, so it doesn’t matter if the daemon is running or not.

	Stephan

--
|    If your life was a horse, you'd have to shoot it.    |


Reply to: