Confused about tcp_wrappers and sshd
barophobia
barophobia at gmail.com
Wed Aug 24 18:34:16 UTC 2005
On 8/24/05, STYMA, ROBERT E (ROBERT) <stymar at lucent.com> wrote:
> I just retested on FC3. The ssh that comes
> with the standard repos does honor the
> /etc/hosts.allow and /etc/hosts.deny files.
> I am not real familiar with the HOSTDENY program,
> but if it updates /etc/hosts.deny, ssh will
> honor it. The tcpwrappers program also checks
> /etc/hosts.deny and /etc/hosts.allow.
>
> You can easily test this by hand.
What I did was the following:
(I am logged in via ssh on a remote host.)
1. Open /etc/hosts.deny
2. Add a line that reads "sshd: 127.0.0.1"
3. Save and exit
4. 'service sshd restart'
5. 'ssh localhost'
The document I linked to earlier says I should get the following
message "ssh_exchange_identification: Connection closed by remote
host". Instead I just get a new RSA key fingerprint message.
Am I doing something wrong or is there another way to test it?
Thanks,
Chris.
>
> Bob Styma
>
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
>
More information about the fedora-list
mailing list