On 2/21/20 11:49 AM, Ed Maste wrote:
> It seems starting sshd from inetd via tcpd is a reasonable approach
> for folks who want to use it; also, have folks using libwrap looked at
> sshd's Match blocks to see if they provide the desired functionality?
While match blocks can disallow a login from
On Sat, 15 Feb 2020 at 05:03, Bjoern A. Zeeb
wrote:
>
> I am also worried that the change will make a lot of machines
> unprotected upon updating to 13 if there is no big red warning flag
> before the install.
At least having sshd emit a warning is a prerequisite, certainly. I
don't yet know if
On 17-2-2020 08:02, Borja Marcos wrote:
On 14 Feb 2020, at 19:18, Ed Maste wrote:
Upstream OpenSSH-portable removed libwrap support in version 6.7,
released in October 2014. We've maintained a patch in our tree to
restore it, but it causes friction on each OpenSSH update and may
introduce
> On 14 Feb 2020, at 19:18, Ed Maste wrote:
>
> Upstream OpenSSH-portable removed libwrap support in version 6.7,
> released in October 2014. We've maintained a patch in our tree to
> restore it, but it causes friction on each OpenSSH update and may
> introduce security vulnerabilities not
On 14 Feb 2020, at 18:18, Ed Maste wrote:
Hi Ed,
Although the specific deprecation steps aren't yet fleshed out I'm
sending this as an early notice that I plan to disable libwrap support
from the base system sshd and that FreeBSD 13 will not support it.
I’ll be sad to run inetd again on
On 2/14/20 6:37 PM, Ben Woods wrote:
> On Sat, 15 Feb 2020 at 4:27 am, Joey Kelly wrote:
>
>> On Friday, February 14, 2020 01:18:44 PM Ed Maste wrote:
>>> Upstream OpenSSH-portable removed libwrap support in version 6.7,
>>> released in October 2014. We've maintained a patch in our tree to
>>>
On Sat, 15 Feb 2020 at 4:27 am, Joey Kelly wrote:
> On Friday, February 14, 2020 01:18:44 PM Ed Maste wrote:
> > Upstream OpenSSH-portable removed libwrap support in version 6.7,
> > released in October 2014. We've maintained a patch in our tree to
> > restore it, but it causes friction on each
On Fri, 14 Feb 2020 at 15:27, Joey Kelly wrote:
>
> On Friday, February 14, 2020 01:18:44 PM Ed Maste wrote:
> > Upstream OpenSSH-portable removed libwrap support in version 6.7,
> > released in October 2014. We've maintained a patch in our tree to
> > restore it, but it causes friction on each
Upstream OpenSSH-portable removed libwrap support in version 6.7,
released in October 2014. We've maintained a patch in our tree to
restore it, but it causes friction on each OpenSSH update and may
introduce security vulnerabilities not present upstream. It's (past)
time to remove it.
Although