From owner-freebsd-questions Tue Apr 30 21:31:35 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mail1.theplanet.com (mail1.theplanet.com [216.234.234.32]) by hub.freebsd.org (Postfix) with ESMTP id 09F2137B405 for ; Tue, 30 Apr 2002 21:31:32 -0700 (PDT) Received: from jheath.theplanet.com (jheath.theplanet.com [216.185.111.7] (may be forged)) by mail1.theplanet.com (8.9.3/8.9.3) with ESMTP id XAA23253; Tue, 30 Apr 2002 23:31:25 -0500 (CDT) Message-Id: <5.1.0.14.2.20020430232925.024e3540@mail.theplanet.com> X-Sender: jheath@mail.theplanet.com X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Tue, 30 Apr 2002 23:30:38 -0500 To: Peter Leftwich From: Justin Heath Subject: Re: OpenSSH and hosts.allow Cc: FreeBSD LIST In-Reply-To: <20020430153741.M10042-100000@earl-grey.cloud9.net> References: <5.1.0.14.2.20020428223215.02521ec0@mail.theplanet.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Peter, Thnaks. I didnt think to do a `host blah.blah.com`. That should work for now until I get everything figured out. At 03:40 PM 4/30/2002 -0400, Peter Leftwich wrote: >On Sun, 28 Apr 2002, Justin Heath wrote: > > Peter, I am using SSHd version OpenSSH_2.9 (FreeBSD localisations > 20020307). As you can see this is not installed from the ports. I am > using /etc/hosts.allow. Which is where SSHd should be looking since it is > part of the base system and not a port. Thanks. > >Oops, duh, I'd forgotten about that file (/etc/hosts.allow)! Honestly, >thanks for the reminder - now I remember why sendmail isn't working >properly (yet I can telnet port 25 of my box and deliver spoofed email). > >I would recommend you type `host my.domain.com` and use that IP in place of >your "0.0.0.0: allow" example. > > > At 02:43 PM 4/28/2002 -0400, Peter Leftwich wrote: > > >On Sun, 28 Apr 2002, Justin Heath wrote: > > > > I am trying to set up sshd (OpenSSH) to use hosts.allow . The > problem is that the rules seem to work with IP address but not host names. > > > > Example - Works: sshd: 0.0.0.0: allow > > > > Does not work: sshd: .domain.com: allow (nor) sshd: my.domain.com: > allow > > > > Any suggestions? Thanks. -Justin Heath > > > Justin, Which version of OpenSSH (`sshd -v` this says illegal option, > but then gives you the version on the next line of stderr output) are you > using? What is the path to the hosts.allow file in your references? > > Justin Heath > >Best of luck with it. I've heard various versions of ssh(d) support >hostnames, and others are strictly IP-based. > >-- >Peter Leftwich >President & Founder >Video2Video Services >Box 13692, La Jolla, CA, 92039 USA >+1-413-403-9555 Justin Heath To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message