[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: hosts.allow not allowing hosts

> Hi all,
> Like a good paranoid user, I protect my dial-up machine with both a
> firewall using ipchains, and also using tcp wrappers to add a further
> layer of security.
> Sometimes I find it convinient to scp things to my machine for the
> outside world, so I leave my ssh port open (I'm using gShield as my
> firewall, and highly recommend it). However, I've found that I can't
> connect my ssh port from outside when online.
> Digging around for a solution, I found that I had the following in
> /etc/hosts.deny:
> ALL:
> Which I vaguely remember having put there because of aforementioned
> paranoia. This shouldn't have been a problem, I wouldn't have thought as
> long as I had the correct line in hosts.allow, as the hosts_access(5)
> man page says that allow is checked before deny.
> However, I can't get the hosts.allow bit working.
> I've tried putting
> ssh: ALL
> and
> ssh:

You have to put the name of the daemon into the hosts.allow file.
I think it is sshd instead of ssh.


> in hosts allow, but neither works. Commenting out the sole line in
> hosts.deny does, however, allow incoming ssh to work, so obviosuly it's
> just a matter of having the correct line in allow.
> Can anyone tell me what that line should be. Maybe I'm overlooking
> something obvious, but I can't work it out.
> cheers,
> damon
> -- 
> Damon Muller (dm-sig6@empire.net.au) /  It's not a sense of humor.
> * Criminologist                     /  It's a sense of irony
> * Webmeister                       /  disguised as one.
> * Linux Geek                      /     - Bruce Sterling 
> - Running Debian GNU/Linux: Doing my bit for World Domination (tm) -

Reply to: