From owner-freebsd-security Wed Jan 19 13:58: 5 2000 Delivered-To: freebsd-security@freebsd.org Received: from turing.csis.gvsu.edu (csis.gvsu.edu [148.61.162.182]) by hub.freebsd.org (Postfix) with SMTP id 0484315234 for ; Wed, 19 Jan 2000 13:57:56 -0800 (PST) (envelope-from matt@csis.gvsu.edu) Received: (qmail 31423 invoked by uid 0); 19 Jan 2000 21:57:53 -0000 Received: from eos20.csis.gvsu.edu (matt@148.61.162.120) by turing.csis.gvsu.edu with QMQP; 19 Jan 2000 21:57:53 -0000 From: matt@csis.gvsu.edu Date: Wed, 19 Jan 2000 11:57:54 -0500 To: net admin Cc: Marc Silver , Stephan van Beerschoten , freebsd-security@FreeBSD.ORG Subject: Re: ssh-feature 'backdoor' Message-ID: <20000119115754.A5523@eos20.csis.gvsu.edu> References: <20000119165350.E8404@is.co.za> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.5i In-Reply-To: ; from net admin on Wed, Jan 19, 2000 at 01:36:13PM -0800 X-my-OS-is-better-than-your-OS: Linux 2.2.5-22 i686 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org net admin said: > I am just going to sneak in to this thread and throw-in a question; > I have read in the ssh docs that tcp_wrappers do not give any added > security benefits is used with ssh, and some even suggested that best not > to have tcp_wrappers with ssh????\ > > Please elucidate as to why tcp_wrappers would give added security when > used with ssh. I prefer to use tcp_wrappers with ssh so all my access control is in one file. Compiling with tcp_wrappers is redundant if sshd is spawned from inetd. sshd has a redimentary host control directives, ie AllowHosts. I can't see any adverse effects of compiling ssh with tcp_wrappers. Someone correct me if I'm wrong. -matt -- http://www.csis.gvsu.edu/matt 03 F8 23 C5 43 A2 F7 5A 24 49 F7 B0 3A F9 B1 7F Try to understand everything, but believe nothing To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message