From owner-freebsd-security Wed Mar 15 14:15:15 2000 Delivered-To: freebsd-security@freebsd.org Received: from dt051n0b.san.rr.com (dt051n0b.san.rr.com [204.210.32.11]) by hub.freebsd.org (Postfix) with ESMTP id 44D6437C1CA for ; Wed, 15 Mar 2000 14:15:11 -0800 (PST) (envelope-from Doug@gorean.org) Received: from slave (doug@slave [10.0.0.1]) by dt051n0b.san.rr.com (8.9.3/8.9.3) with ESMTP id OAA02191; Wed, 15 Mar 2000 14:14:57 -0800 (PST) (envelope-from Doug@gorean.org) Date: Wed, 15 Mar 2000 14:14:57 -0800 (PST) From: Doug Barton X-Sender: doug@dt051n0b.san.rr.com To: Rodrigo Campos Cc: freebsd-security@FreeBSD.ORG Subject: Re: wrapping sshd In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, 15 Mar 2000, Rodrigo Campos wrote: > In the /etc/hosts.allow file there's a comment saying that "is not > normally a good idea" to wrapp sshd(8), I'm just asking myself why > wouldn't be a good idea to do it since it seems to me that openssh has > options to restrict access to it except compiling it with LIBWRAP support. This is really more of a -questions question, for future reference. To answer, I have always wondered about that warning myself, but I've never let it slow me down. :) I have never not wrapped sshd, and it's always worked for me. Doug -- "While the future's there for anyone to change, still you know it seems, it would be easier sometimes to change the past" - Jackson Browne, "Fountain of Sorrow" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message