If you want to run it via inetd and tcpd, make sure that the entry in
/etc/hosts.allow has a service name that matches the name of the binary
you execute. In this case, since you execute "sshd", the hosts.allow entry
should be something like:
sshd:   192.168.1.*

Use tcpdmatch to check your hosts.allow/deny settings:
tcpdmatch sshd 192.168.1.1
tcpdmatch sshd 10.0.0.10

Also, try "telnet localhost 22"
A "connection refused" means nothing's listening on port 22. A "connection
closed" would indicate that the tcpd is doing its thing. A "SSH-2.0.13"
banner would indicate that the tcpd is letting you in but that sshd is
flaking out.


The real solution, though, is to not use inetd at all because of the
performance loss. On our systems (SPARC 5 running Solaris) it takes 30
seconds for a connection, and under inetd it'd be even slower. Try this
instead:

1. Remove sshd from inetd.conf and HUP inetd.
   Make sure that port 22 is free: "telnet localhost 22" should
   give a "connection refused"
2. Get and unpack sshd-2.0.13 again
3. "configure --with-libwrap=DIR"
   where DIR is the directory that contains libwrap.a
   You *did* save libwrap.a when you compiled tcpd, didn't you?
4. Start up sshd
5. Create a hosts.allow and hosts.deny file, and make sure that
   the service name matches the binary name, as above. If you run
   "/usr/local/sbin/sshd2" then the service name must be "sshd2"

--
Gregor Mosheh
[EMAIL PROTECTED]
Systems Admin, Humboldt Internet
707.825.4638


On Tue, 9 Nov 1999, Christopher Dingle wrote:

> 
> Hi,
> 
> I think that the solution to my problem may be to run ssh from inetd.
> 
> I added the following to /etc/inetd.conf:
> ssh    stream  tcp     nowait  root    /usr/etc/tcpd   /usr/local/sbin/sshd -i
> 
> and I added a line to /etc/services for ssh on port 22:
> ssh            22/tcp          secure
> 
> However, when I attempt connections I get:
> 
> "Connection lost on output." or some such.
> 
> Am I forgetting something and/or doing something silly? I have a feeling that the problem
> may have to do with the /usr/etc/tcpd part of the line. Any ideas?
> 
> Thanks,
> Chris
> 
> -----------------------------------------------
> Christopher Dingle *  [EMAIL PROTECTED]
> Systems Administrator - High Energy Astrophysics Division
> Harvard-Smithsonian Center for Astrophysics
> 60 Garden St. , Cambridge MA 02138
> -----------------------------------------------
> 
> 
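
The service-name rule from the reply above, as an added example that is not part of either message: a shell check that the basename of the binary you execute appears in the daemon list of a hosts.allow rule. The function names and the sample file are constructed for illustration; the check follows the reply's statement that the service name is the binary name, and it does not evaluate client patterns (tcpdmatch does that).

```shell
#!/bin/sh
# Print the rules in FILE whose daemon list contains NAME or the ALL wildcard.
rules_for_daemon() {
    name=$1 file=$2
    awk -v name="$name" '
        /\\$/ { sub(/\\$/, ""); buf = buf $0; next }   # join continued lines
        { line = buf $0; buf = "" }
        line ~ /^[ \t]*#/ || line ~ /^[ \t]*$/ { next } # comments, blank lines
        {
            n = index(line, ":"); if (n == 0) next
            cnt = split(substr(line, 1, n - 1), d, /[ \t,]+/)
            for (i = 1; i <= cnt; i++) {
                sub(/@.*/, "", d[i])                   # daemon@host: keep daemon
                if (d[i] == name || d[i] == "ALL") { print line; break }
            }
        }' "$file"
}

# Succeed only if the basename of BINARY is named by some rule in FILE.
check_wrapped_binary() {
    svc=$(basename "$1")
    if [ -n "$(rules_for_daemon "$svc" "$2")" ]; then
        echo "ok: $2 has a rule for service name '$svc'"
    else
        echo "MISSING: no rule in $2 names '$svc'" >&2
        return 1
    fi
}

# Constructed sample file; the sshd line is the one quoted in the reply.
write_sample() {
    cat > "$1" <<'EOF'
# constructed sample hosts.allow
sshd:   192.168.1.*
in.telnetd, in.ftpd : \
        10.0.0.
EOF
}

sample=$(mktemp)
write_sample "$sample"
check_wrapped_binary /usr/local/sbin/sshd  "$sample"          # rule present
check_wrapped_binary /usr/local/sbin/sshd2 "$sample" || true  # name mismatch
rm -f "$sample"
```

Point the second argument at the real /etc/hosts.allow or /etc/hosts.deny to check the path you actually start.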
