That does sound strange. Try using tcpdmatch and tcpdchk to see what's up
with your files, e.g. "tcpdmatch sshd2 somewhere.notallowed.com" and
"tcpdmatch sshd2 38.111.111.1"
FYI: SSH1 won't use tcpwrappers at all if it's invoked via SSH2. The SSH2
(in your case. the sshd2) is what determines whether it will accept the
connection or drop it. By the time SSH1 is executed, the libwrap checks
have already been done.
--
Gregor Mosheh
[EMAIL PROTECTED]
Systems Admin, Humboldt Internet
707.825.4638
On Thu, 20 Jul 2000, ptah wrote:
> Greetings.
>
>
> I have ssh1 and ssh2 installed on my machines (so
> they will be backwards compatable) and I am
> have some issues with /etc/hosts.deny &
> etc/hosts.allow.
>
> I downloaded SSH1, compiled, installed. Repeated
> those steps with SSH2, but enabled libwrap.
>
> Problem is, SSH2 & SSH1 are allowing connections from
> any host on the net. Here is a copy of my
> /etc/hosts.deny
>
> ALL: ALL
> ALL: UNKNOWN
>
>
> here is my /etc/hosts/allow
>
> ALL : 192.
>
> sshd2: 38.111.111.1
> sshd: 38.111.111.1
>
>
> its in that format.. I run sshd2, but I put sshd
> in there in case it needed it when someone using
> ssh1 connected -- I know this shouldn't matter and
> sshd2 should be correct, but I am trying everything..
>
> Basically I want to allow one IP to connect and
> thats is, deny everything else. I compiled
> with ./configure --with-libwrap=/usr/lib/libwrap.a
> and hell I even tried --with-libwrap=/usr/lib ..
> and yes I have libwrap.a and the tcpxx.c file (
> I forget the name right now).. anyway when
> I was running inetd with active telenet connection
> the above worked great for me -- replacing sshd2
> with in.telentd of course.. but anyway.. if
> anyone could help my out on this issue I would
> be very thankful.
>
