The ongoing saga.
I compiled ssh 2.1.0 with tcp-wrapper on my two AIX 4.2.1 machines,
and without wrapper on my AIX 4.3.2 machine. But when trying to sftp
into my tcp-wrapped machine from a remote machine, it would just hang
most of the time. No problem with the non-wrapped ssh. I couldn't
find much on this -- there was one Debian web page where the guy
described a problem with ssh/tcp-wrapper identical to mine and he had
reported it as a bug. ... I just went ahead and re-compiled without
tcp-wrapper and instead added sshd2 to my inetd.conf,
exec stream tcp nowait root /usr/local/bin/tcpd
sshd2 -i
and updated my hosts.allow with: "sshd2: <IP address> " etc.
This seems to be working just fine except for one (well, a couple
of) thing(s). I had initially included the IP address of my (remote
domain) home machine in the hosts.allow, which I later took out. If a
remote machine (not my home machine) trys to ssh/sftp in, wrapper knocks
them right out. good. But if I try to ssh/sftp from my home machine,
it still lets it in. (!) I've refreshed inetd, "refresh -s inetd",
I've re-started the sshd2 daemon. But it's still letting my home
machine in, when it shouldn't. -Anybody know whether I've overlooked
something?
Another thing is the ssh is *really* slow coming in through inetd.
Do we just have to live with that, or is there anything I can do? It
also doesn't help that this designated sftp machine is only a
1-processor RS/6000.
Thanks a lot for any help, advice or info. Please email
[EMAIL PROTECTED]
thanks!
--
Vicki Lonell Hain
Systems Programming - AIS
Univ. of NC -Chapel Hill
(919)966-1901
