From owner-freebsd-security  Thu Jun 26 19:05:42 1997
Return-Path: <owner-security>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.5/8.8.5) id TAA27757
          for security-outgoing; Thu, 26 Jun 1997 19:05:42 -0700 (PDT)
Received: from darkwing.pacific.net.sg (darkwing.pacific.net.sg [203.120.89.89])
          by hub.freebsd.org (8.8.5/8.8.5) with SMTP id TAA27744
          for <freebsd-security@FreeBSD.ORG>; Thu, 26 Jun 1997 19:05:33 -0700 (PDT)
Received: (qmail 2926 invoked by uid 100); 27 Jun 1997 02:05:39 -0000
Message-ID: <19970627100539.54789@darkwing.pacific.net.sg>
Date: Fri, 27 Jun 1997 10:05:39 +0800
From: Ng Pheng Siong <ngps@pacific.net.sg>
To: James FitzGibbon <james@nexis.net>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: SSHD from Inetd
References: <19970627083601.24101@darkwing.pacific.net.sg> <Pine.BSF.3.95q.970626205621.14126C-100000@nexis.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.76e
In-Reply-To: <Pine.BSF.3.95q.970626205621.14126C-100000@nexis.net>; from James FitzGibbon on Thu, Jun 26, 1997 at 08:56:58PM -0400
Sender: owner-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

On Jun 26, James FitzGibbon wrote:
> > Denied connections were logged, allowed ones weren't, IIRC.
> > Not good enough for me, so I'm running sshd out of inetd.
> 
> I think you can define "FascistLogging" either as a build option or as an
> option in sshd_config that will do this for you.

Indeed.

Well, as a matter of taste I prefer to keep all the access control stuff 
in one file, and I've always used the extended language option for 
tcpwrappers.


-- 
Ng Pheng Siong <ngps@pacific.net.sg> 

Fast. Secure. Cheap. Pick two.