On Tue, 12 Jun 2001, Manager Account wrote:
> I *just* (ie: defaults config files) installed ssh-2.4.0 on a SPARC running
> Solaris 7. The system also has PortSentry and tcp_wrappers-7.6 (ssh was
> configured with "--with-libwrap"). Everything works with sshd2 running as a
> daemon except hosts are not being properly denied (they are with telnet).
>
> Are there any configuration changes that need to be done?
Edit /etc/hosts.allow and put the following line:
sshd: 123.456.78.9, 192.168.34.5
replace the ip addresses above with your real ip addresses.
Edit /etc/hosts.deny and put the following line:
sshd: ALL
Or better yet:
ALL: ALL
> Is there any way to check if SSH is using libwrap?
Yes, edit /etc/hosts.allow. You don't need to restart sshd.
The running sshd automatically uses hosts.deny/hosts.allow.
--
"When you make a mistake and don't correct
it, that's what you call a mistake!"
-- Confucius
