Date: Wed, 07 May 2003 09:31:00 -0700 From: "Michael K. Smith" <mksmith@noanet.net> To: Dan Nelson <dnelson@allantgroup.com> Cc: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: Re: Where is tcpd? Message-ID: <BADE82D4.10527%mksmith@noanet.net> In-Reply-To: <20030507155409.GK63345@dan.emsphone.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 5/7/03 8:54 AM, "Dan Nelson" <dnelson@allantgroup.com> wrote: > In the last episode (May 07), Michael K. Smith said: >> Then I must have a misconfiguration somewhere. Here's what my >> inetd.conf entry looks like: >> >> ssh stream tcp nowait root /usr/sbin/sshd sshd -I >> >> And here is my inetd process: >> >> root 16368 0.0 0.3 1076 812 ?? Is 7:50AM 0:00.01 >> /usr/sbin/inetd -wW >> >> And my /etc/hosts.allow entry: >> >> sshd : .noanet.net >> >> But, when I run tcpdchk, I get: >> >> warning: /etc/hosts.allow, line 23: sshd: service possibly not wrapped > > Tcpdchk doesn't know if you're running inetd with the -w flag, so it > says 'possibly not wrapped'. Since you are running with -w, you can > ignore it. > > Also, I don't think sshd takes a -I argument. Why not just run it on > startup (sshd_enable="YES" in /etc/rc.conf)? sshd has tcp-wrapper > support builtin too, so you shouldn't need to launch a new copy from > inetd on every connect. I was originally trying to do that. I'm running OpenSSH 3.6.1p2 with libwrap and tcp-wrappers configured, but it doesn't seem to read the hosts.allow file (since I can connect from any where). Thus, I thought I would try the inetd model to see if that worked. If I remove the -i in inetd.conf it doesn't work at all, even from allowed hosts. Mike -- Michael K. Smith NoaNet 206.219.7116 (work) 206.579.8360 (cell) mksmith@noanet.net http://www.noanet.net
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?BADE82D4.10527%mksmith>