I was not able to get 2.0.13 to work with wrappers and F-Secure clients,
even with the help of the F-Secure tech support. However, the
sshd2_config file has allowance for this "wrapper" type allow/deny
business. This works quite well, but you have to remember to put the
specific machines before the general subnet IP's.
hope this helps,
Calvin Bebermeyer
[EMAIL PROTECTED]
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Jim
Ennis
Sent: Tuesday, May 16, 2000 4:24 PM
To: [EMAIL PROTECTED]
Subject: wrappers 7.6 and ssh-2.0.13
Hello,
I have installed tcp_wrappers on a Solaris 7 box and I have installed
ssh
with the with-libwrap option. I can't seem to get ssh to check the
hosts.allow and host.deny files to prevent me from connecting from a
non-authorized segment. As far as I can tell, sshd2 is not using any of
the wrappers support.
Will wrappers support work when the program is run as a stand alone
daemon (not run from inetd)?
I have checked the sshd2 binary and the hosts information seems to be in
the binary (using the strings command).
My /etc/hosts.allow file looks like:
sshd2: 132.170.249.* : allow
My /etc/hosts.deny file looks like:
sshd2: ALL: (/local/bin/safe_finger -l @%h | /usr/bin/mailx -s %d-%h
root)
&
The daemon runs from /etc/rc2.d as /usr/sbin/sshd2
Any ideas or tips?
thanks in advance.
Jim Ennis | [EMAIL PROTECTED]
Systems Administrator | (407) 823-1701 | Fax: (407)
823-5476
University of Central Florida | Murphy's paradox:
| Doing it the hard way is always
easier.
