Date: Mon, 24 Jul 2000 16:12:06 +0300 (EEST) From: Dmitry Pryanishnikov <dmitry@digital.dp.ua> To: Mike Hoskins <mike@adept.org> Cc: Paul Boehmer <pboehmer@seidata.com>, freebsd-security@FreeBSD.ORG Subject: Re: ssh2 bypasses host.allow in /etc/login.conf? Message-ID: <Pine.BSF.4.21.0007241610100.44653-100000@ff.dsu.dp.ua> In-Reply-To: <Pine.BSF.4.21.0007231523050.21380-100000@snafu.adept.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello! On Sun, 23 Jul 2000, Mike Hoskins wrote: > On Sun, 23 Jul 2000, Dmitry Pryanishnikov wrote: > > > Maybe I've missed something, but I mean NOT a file host.allow, but the > > BSD-native login class restrictions written in /etc/login.conf, which > > checked with auth_hostok() (or login_getclass()/login_getcapstr() as > > in sshd.c from ssh1). Of course, make WITH_TCPWRAP=yes doesn't help! > > So... are these methods also in ssh2's .c file? Just curious... As Paul I haven't found them there ;( > 2. Maybe this is just a case of getting bitten by this fact. Have you > tried OpenSSH? A much better solution, IMCO. Sorry, I don't have sufficient time now, maybe later I'll try.. Sincerely, Dmitry Dnipropetrovsk State University, E-mail: dmitry@digital.dp.ua Physical Faculty, WWW: http://ff.dsu.dp.ua Department of Experimental Physics Dnipropetrovsk, Ukraine FTP: ftp://digital.dp.ua/DEC To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0007241610100.44653-100000>