Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 22 Nov 2001 22:04:44 +0000
From:      George Cox <gjvc@extremis.net>
To:        P K <cyu0635@home.com>
Cc:        freebsd-questions <freebsd-questions@FreeBSD.ORG>
Subject:   Re: ssh
Message-ID:  <20011122220444.GA65021@beaujolais.extremis.net>
In-Reply-To: <000a01c1738b$522fb070$0100a8c0@cr1034264a>
References:  <000a01c1738b$522fb070$0100a8c0@cr1034264a>
next in thread | previous in thread | raw e-mail | index | archive | help 
On 22/11 11:24, P K wrote:

> Hi all

Good day, Sir.

 
> I have questions

Not only have you come to the right place at freebsd-questions, but we also
have the answers -- sometimes.


> 1/ how do I know my ssh is with tcpwrapper?

If it's the one in the base system it will be.  To verify this, use the ldd
command to see that sshd is linked against the TCP wrappers library "libwrap"

        /usr/sbin/sshd:
          libkrb5.so.3 => /usr/lib/libkrb5.so.3 (0x28097000)
          libasn1.so.3 => /usr/lib/libasn1.so.3 (0x280c6000)
          libcom_err.so.2 => /usr/lib/libcom_err.so.2 (0x280e4000)
          libmd.so.2 => /usr/lib/libmd.so.2 (0x280e6000)
          libopie.so.2 => /usr/lib/libopie.so.2 (0x280ef000)
          libcrypt.so.2 => /usr/lib/libcrypt.so.2 (0x280f8000)
          libcrypto.so.2 => /usr/lib/libcrypto.so.2 (0x2810d000)
          libutil.so.3 => /usr/lib/libutil.so.3 (0x281c3000)
          libz.so.2 => /usr/lib/libz.so.2 (0x281cc000)
          libwrap.so.3 => /usr/lib/libwrap.so.3 (0x281d9000)  <<< TA DA
          libpam.so.1 => /usr/lib/libpam.so.1 (0x281e1000)
          libc.so.4 => /usr/lib/libc.so.4 (0x281ea000)

> 2/ how do i configure the hosts.allow? Do you have examples?
> put All:All: deny in the first line?
> because it is not same as linux. hosts.deny

hosts.deny is deprecated.  Put all your rules in hosts.allow.

Something like this should do the trick

        ALL   : localhost 127.0.0.1  : allow
        sshd  : ALL : allow
        ALL   : ALL : deny

        
> 3/ What is those symbols standing for
> fxp0, dc0, bw0

The first two are network interface names

        fxp0 is the first Intel EtherExpress card in your machine

        dc0 is the first DEC Tulip clone card in your machine -- examine file
        /usr/src/sys/pci/if_dc.c

as for bw0, I dunno -- http://www.etinc.com/bwmgrfaq.htm speaks of a Bandwidth
Manager device bw0


gjvc

-- 
[gjvc]

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011122220444.GA65021>