[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: hosts.allow/hosts.deny question (2)



-----BEGIN PGP SIGNED MESSAGE-----

These are by no means irrelevant to sshd, even if it is not run from
inetd.  Read the man page for sshd, in which you'll see that it can be
build with direct support for tcp_wrappers.  If it is (I don't know what
the configure options in the Debian build are, but I suspect it is), then
'sshd: ALL' or whatever should work in /etc/hosts.allow and .deny.

OTOH, Lindsay should also check for AllowHosts or DenyHosts in
/etc/ssh/sshd_config...man sshd for more info.

HTH,
noah

On Mon, 7 Aug 2000, Eric G . Miller wrote:

> On Mon, Aug 07, 2000 at 09:48:13PM +0800, Lindsay Allen wrote:
> > 
> > Hello world,
> > 
> > I have a hosts_access problem.
> > 
> > hosts.deny has the line 
> > ALL:ALL
> > 
> > This stops me logging in with ssh.  The problem is that if I put a line in
> > hosts.allow like
> >   sshd: my.ip.address
> > the rule does not match because sshd does not feature in inetd.conf.
> > 
> > What have I missed?
> 
> The fact that these files are irrelevant to sshd unless it's run from
> inetd.  Possibly a firewall, or simply a misconfigured sshd is the real
> culprit.
> 
> -- 
> MegaHAL quote:
> 	I think a blowpipe is a marijuana cigarrette.  
> 	It'll get you deleted!
> 
> 
> -- 
> Unsubscribe?  mail -s unsubscribe debian-user-request@lists.debian.org < /dev/null
> 
> 


 _______________________________________________________
| Web: http://web.morgul.net/~frodo/
| PGP Public Key: http://web.morgul.net/~frodo/mail.html 


-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.0i for non-commercial use
Charset: noconv

iQCVAwUBOY6+/IdCcpBjGWoFAQE6igP9FWdo+vXZdVhQUMmUiV9h74/3vgjXGhF1
wjNfAU4I2cfG0N5az1nB+vqH8c0ERok67JpP1LzSkOSZTkBt1qZssRk/4+5UiPko
pJ0Ppfv2akgtnWmHdK6U15BqgK++gRSwJWSb1156puKkqWCHY9VDPk01CaHpnGH0
hSg+jkoUIG0=
=P2c/
-----END PGP SIGNATURE-----



Reply to: