Date: Wed, 7 May 2003 10:54:10 -0500
From: Dan Nelson
To: "Michael K. Smith"
Message-ID: <20030507155409.GK63345@dan.emsphone.com>
References: <20030507153632.GJ63345@dan.emsphone.com>
cc: FreeBSD Questions
Subject: Re: Where is tcpd?

In the last episode (May 07), Michael K. Smith said:
> Then I must have a misconfiguration somewhere. Here's what my
> inetd.conf entry looks like:
>
> ssh stream tcp nowait root /usr/sbin/sshd sshd -I
>
> And here is my inetd process:
>
> root 16368 0.0 0.3 1076 812 ?? Is 7:50AM 0:00.01 /usr/sbin/inetd -wW
>
> And my /etc/hosts.allow entry:
>
> sshd : .noanet.net
>
> But, when I run tcpdchk, I get:
>
> warning: /etc/hosts.allow, line 23: sshd: service possibly not wrapped

Tcpdchk doesn't know if you're running inetd with the -w flag, so it
says 'possibly not wrapped'. Since you are running with -w, you can
ignore it.

Also, I don't think sshd takes a -I argument. Why not just run it on
startup (sshd_enable="YES" in /etc/rc.conf)? sshd has tcp-wrapper
support builtin too, so you shouldn't need to launch a new copy from
inetd on every connect.

-- 
Dan Nelson
dnelson@allantgroup.com
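The check tcpdchk cannot make, as an added example that is not part of the original mail: a small sh function that combines an inetd.conf entry with the flags inetd was started with to say how a hosts.allow daemon name ends up wrapped. It assumes FreeBSD inetd semantics (-w wraps external services) and that the daemon name matched is the basename of the server program; the name wrap_status, the status strings and the ftp sample line are constructed for illustration.

```shell
#!/bin/sh
# Added example. usage: wrap_status <inetd.conf path> <inetd flags> <daemon name>
# Prints one of:
#   wrapped-by-tcpd   entry runs tcpd, which execs the daemon named in argv[0]
#   wrapped-by-inetd  entry runs the daemon directly and inetd has -w
#   not-wrapped       entry runs the daemon directly and inetd lacks -w
#   not-in-inetd      no entry; hosts.allow applies only if the daemon itself
#                     has tcp-wrapper support built in (as the mail says sshd does)
wrap_status() {
    conf=$1 flags=$2 daemon=$3
    inetd_w=0
    # A lowercase w in any flag cluster (-w, -wW) enables wrapping of
    # external services; -W alone covers only inetd's internal services.
    for f in $flags; do
        case $f in -*w*) inetd_w=1 ;; esac
    done
    awk -v d="$daemon" -v w="$inetd_w" '
        /^[ \t]*#/ || NF < 6 { next }            # comments, short lines
        {
            n = split($6, p, "/"); prog = p[n]   # basename of server program
            m = split($7, a, "/"); arg0 = a[m]   # basename of argv[0]
            if (prog == "tcpd" && arg0 == d) {
                print "wrapped-by-tcpd"; found = 1; exit
            }
            if (prog == d) {
                print (w == 1 ? "wrapped-by-inetd" : "not-wrapped")
                found = 1; exit
            }
        }
        END { if (!found) print "not-in-inetd" }
    ' "$conf"
}

# Constructed sample inetd.conf: the ssh line is the one quoted in the mail,
# the ftp line is made up to show the classic tcpd form.
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
# constructed sample
ssh stream tcp nowait root /usr/sbin/sshd sshd -I
ftp stream tcp nowait root /usr/libexec/tcpd ftpd -l
EOF

# The situation from the mail: inetd started with -wW, daemon name sshd.
wrap_status "$sample" "-wW" sshd
```
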