Date: Mon, 17 Apr 2000 08:21:36 -0400 From: Keith Stevenson <k.stevenson@louisville.edu> To: Kresimir Kumericki <kkumer@phy.hr> Cc: freebsd-stable@FreeBSD.ORG Subject: Re: sshd and tcp-wrappers Message-ID: <20000417082136.C95086@osaka.louisville.edu> In-Reply-To: <20000417122732.A1826@phy.hr>; from kkumer@phy.hr on Mon, Apr 17, 2000 at 12:27:33PM %2B0200 References: <20000417122732.A1826@phy.hr>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Apr 17, 2000 at 12:27:33PM +0200, Kresimir Kumericki wrote: > Hi! > I am a bit confused about tcp-wrapping the sshd. On my > 3.4-STABLE machine sshd1 (port) ignores instructions in hosts.allow. > This seemed ok to me since it says in hosts.allow: > > # Wrapping sshd(8) is not normally a good idea > > and I assumed that sshd is not wrapped. Now I see that 'ldd sshd' > gives: libwrap.so.7 => /usr/local/lib/libwrap.so.7 (0x280a4000) > so why doesn't it obey hosts.allow? The ports version of TCP Wrappers looks for its files in /usr/local/etc. > > On the other hand, my new 4.0-STABLE sshd (part of a base system) > is tcp-wrapped by default and obeys hosts.allow, although there still > stands that "wrapping sshd(8) is not normally a good idea." (And > why is it not a good idea?) The base system version of TCP Wrappers uses the files in /etc. Regards, --Keith Stevenson-- -- Keith Stevenson System Programmer - Data Center Services - University of Louisville k.stevenson@louisville.edu PGP key fingerprint = 4B 29 A8 95 A8 82 EA A2 29 CE 68 DE FC EE B6 A0 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000417082136.C95086>