Hi, System: SGI Origin 2000, IRIX64 6.5.4m IP27 ssh version(s): 2.0.13 and 1.2.27 I emailed the list a few days ago with a problem I was having with ssh 1.2.27. Basically, I have installed 1.2.27 and 2.0.13 with compatibility. I am also using tcp wrappers 7.6. So far both versions are obeying the tcp wrappers, however there seems to be a problem with host/address resolution for ssh1. For debugging purposes only, FascistLogging was on. Here is the output: Nov 4 16:22:47 6E:kodos sshd[126932]: connection from "131.142.42.174" Nov 4 16:22:47 7D:kodos sshd[131132]: debug: sshd version 1.2.27 [mips-sgi-irix 6.5] Nov 4 16:22:47 7D:kodos sshd[131132]: debug: Forcing server key to 1152 bits to make it differ from host key. Nov 4 16:22:47 7D:kodos sshd[131132]: debug: Initializing random number generat or; seed file /etc/ssh_random_seed Nov 4 16:22:47 7D:kodos sshd[131132]: debug: inetd sockets after dupping: 6, 7 Nov 4 16:22:47 6D:kodos sshd[131132]: log: Generating 1152 bit RSA key. Nov 4 16:22:48 6D:kodos sshd[131132]: log: RSA key generation complete. Nov 4 16:22:48 6D:kodos sshd[131132]: log: Connection from 255.255.255.255 port 33160 Nov 4 16:22:48 7D:kodos sshd[131132]: debug: Client protocol version 1.5; clien t software version 1.2.27 One question is about the line: Nov 4 16:22:48 6D:kodos sshd[131132]: log: Connection from 255.255.255.255 port 33160 Am I being stupid and just don't see that this is just ssh2 opening an ssh1 compatible connection? Or is ssh actually resolving hosts as 255.255.255.255. Before, when I was testing things with just ssh 1.2.27 it could see what host I was coming from but still /var/log/SYSLOG said something about 255.255.255.255. I am just wondering why I am seeing the broadcast address in this instance. The second question is as follows. I have /etc/hosts.deny set up to do the following for connections that are denied: ALL: ALL: spawn (echo "%s - connection attempt from %a"| /usr/sbin/mailx cmd@hea d-cfa.harvard.edu) This works fine for other services like rlogin, rsh, telnet, etc. The output is what we would expect, I get a mail message that looks like: rlogind@kodos - connection attempt from 131.142.45.103 However, with ssh, I get this sshd@kodos - connection attempt from 0.0.0.0 Has anyone seen this before? I mean, in /var/adm/SYSLOG the address is getting resolved fine, and ssh IS obeying the wrappers. tcpdmatch ssh hostname gives the appropriate output, so the DENY extension should give me the correct output. Has anyone seen this behavior before? At config time I got an error about inet_ntoa being broken. Thanks, Chris ----------------------------------------------- Christopher Dingle * [EMAIL PROTECTED] Systems Administrator - High Energy Astrophysics Division Harvard-Smithsonian Center for Astrophysics 60 Garden St. , Cambridge MA 02138 -----------------------------------------------
