Date: Sun, 23 Jul 2000 15:48:58 +0300 (EEST) From: Dmitry Pryanishnikov <dmitry@digital.dp.ua> To: freebsd-security@FreeBSD.ORG Subject: ssh2 bypasses host.allow in /etc/login.conf? Message-ID: <Pine.BSF.4.21.0007231516570.10780-100000@ff.dsu.dp.ua>
index | next in thread | raw e-mail
Hello!
I've just discovered that ssh2 on FreeBSD bypasses host.allow check in
/etc/login.conf while ssh1 does not! That is, I've added a user with a class
guest and added a login class guest into /etc/login.conf:
guest:\
:host.allow=192.168.18.*:\
:tc=default:
So I want to deny such user's login from any machine except one of our local
networks. I've checked telnet,ftp,rlogin,rsh,ssh1 - all those utilities
honoured login restriction. While ssh2 does not.
Is it known problem? Does the solution exist?
Sincerely, Dmitry
Dnipropetrovsk State University, E-mail: dmitry@digital.dp.ua
Physical Faculty, WWW: http://ff.dsu.dp.ua
Department of Experimental Physics
Dnipropetrovsk, Ukraine FTP: ftp://digital.dp.ua/DEC
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0007231516570.10780-100000>