Date: Wed, 15 Mar 2000 14:04:54 -0800 From: Lawrence Sica <larry@interactivate.com> To: Rodrigo Campos <camposr@MATRIX.COM.BR> Cc: freebsd-security@FreeBSD.ORG Subject: Re: wrapping sshd Message-ID: <38D00906.389A9A28@interactivate.com> References: <Pine.BSF.4.21.0003151730240.11873-100000@speed.matrix.com.br>
next in thread | previous in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format. --------------F37E95190F171FB493FFD703 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Rodrigo Campos wrote: > On Wed, 15 Mar 2000, Sheldon Hearn wrote: > > > > > > > On Wed, 15 Mar 2000 16:29:48 -0300, Rodrigo Campos wrote: > > > > > In the /etc/hosts.allow file there's a comment saying that "is not > > > normally a good idea" to wrapp sshd(8) > > > > The answer has nothing to do with secrurity, although you couldn't have > > known that without reading the sshd(8) manual page. :-) > > > > Look for the first occurance of the word inetd in the sshd(8) manual > > page. > > But my question has nothing to do with inetd, by "wrapping sshd" I mean > compiling it with support to libwrap, wich would make it read the > /etc/hosts.allow file in order to grant or deny access based on the > client hostname or ip address, even when it's running as a daemon. > sshd can do this within it's own config file already. The reasons for not running it in inetd are pretty much the same for not wrapping it. --Larry > > -- > ________________________ > Rodrigo Albani de Campos > Matrix Internet - NOC > http://www.br-unix.org/users/campos/ > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message --------------F37E95190F171FB493FFD703 Content-Type: text/x-vcard; charset=us-ascii; name="larry.vcf" Content-Transfer-Encoding: 7bit Content-Description: Card for Lawrence Sica Content-Disposition: attachment; filename="larry.vcf" begin:vcard n:Sica;Lawrence tel;fax:858-793-4069 tel;work:858-793-4060 x-mozilla-html:FALSE url:http://www.interactivate.com org:Interactivate, Inc. adr:;;2244b Carmel Valley Rd;Del Mar;CA;92014;USA version:2.1 email;internet:larry@interactivate.com title:Systems Adminstrator fn:Lawrence Sica end:vcard --------------F37E95190F171FB493FFD703-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?38D00906.389A9A28>