Date: Wed, 21 Feb 2001 10:44:33 +0900 From: itojun@iijlab.net To: "Peter C. Lai" <sirmoo@cowbert.2y.net> Cc: "Thomas Cannon" <tcannon@noops.org>, "Geoffrey T. Falk" <gtf@cirp.org>, security@FreeBSD.ORG Subject: Re: IPv6 risk with ssh? Message-ID: <28392.982719873@coconut.itojun.org> In-Reply-To: sirmoo's message of Tue, 20 Feb 2001 20:40:47 EST. <000d01c09ba7$50558700$1e9e6389@137.99.156.23>
next in thread | previous in thread | raw e-mail | index | archive | help
>iirc ssh's ipv46 is ipv6 translation to ipv4 via the faith device. can >someone comment on this? (i could be wrong). no. the "tcp46" line is for sshd listening to AF_INET6 wildcard socket, which may grab both IPv4/v6 traffic (if you run fstat, you will see it more clearer). if you would like to disable the AF_INET6 listening socket by sshd, have the following line in /etc/sshd_config: ListenAddress 0.0.0.0 or "sshd -4" should do it. itojun To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?28392.982719873>