Date: Wed, 15 Mar 2000 17:35:33 -0300 (EST) From: Rodrigo Campos <camposr@MATRIX.COM.BR> To: Sheldon Hearn <sheldonh@uunet.co.za> Cc: freebsd-security@freebsd.org Subject: Re: wrapping sshd Message-ID: <Pine.BSF.4.21.0003151730240.11873-100000@speed.matrix.com.br> In-Reply-To: <59327.953151264@axl.ops.uunet.co.za>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 15 Mar 2000, Sheldon Hearn wrote: > > > On Wed, 15 Mar 2000 16:29:48 -0300, Rodrigo Campos wrote: > > > In the /etc/hosts.allow file there's a comment saying that "is not > > normally a good idea" to wrapp sshd(8) > > The answer has nothing to do with secrurity, although you couldn't have > known that without reading the sshd(8) manual page. :-) > > Look for the first occurance of the word inetd in the sshd(8) manual > page. But my question has nothing to do with inetd, by "wrapping sshd" I mean compiling it with support to libwrap, wich would make it read the /etc/hosts.allow file in order to grant or deny access based on the client hostname or ip address, even when it's running as a daemon. -- ________________________ Rodrigo Albani de Campos Matrix Internet - NOC http://www.br-unix.org/users/campos/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0003151730240.11873-100000>