Hi all, Like a good paranoid user, I protect my dial-up machine with both a firewall using ipchains, and also using tcp wrappers to add a further layer of security. Sometimes I find it convinient to scp things to my machine for the outside world, so I leave my ssh port open (I'm using gShield as my firewall, and highly recommend it). However, I've found that I can't connect my ssh port from outside when online. Digging around for a solution, I found that I had the following in /etc/hosts.deny: ALL: 0.0.0.0/0.0.0.0 Which I vaguely remember having put there because of aforementioned paranoia. This shouldn't have been a problem, I wouldn't have thought as long as I had the correct line in hosts.allow, as the hosts_access(5) man page says that allow is checked before deny. However, I can't get the hosts.allow bit working. I've tried putting ssh: ALL and ssh: 0.0.0.0/0.0.0.0 in hosts allow, but neither works. Commenting out the sole line in hosts.deny does, however, allow incoming ssh to work, so obviosuly it's just a matter of having the correct line in allow. Can anyone tell me what that line should be. Maybe I'm overlooking something obvious, but I can't work it out. cheers, damon -- Damon Muller (dm-sig6@empire.net.au) / It's not a sense of humor. * Criminologist / It's a sense of irony * Webmeister / disguised as one. * Linux Geek / - Bruce Sterling - Running Debian GNU/Linux: Doing my bit for World Domination (tm) -
Attachment:
pgpz0tZHh3Vwh.pgp
Description: PGP signature