Date: Mon, 04 Nov 1996 09:30:12 -0700 From: "Mark O'Lear" <Mark.Olear@Colorado.EDU> To: jamie <batsy@groovy.dreaming.org> Cc: freebsd-questions@FreeBSD.org Subject: Re: tcp_wrappers Message-ID: <327E1A14.3B62@Colorado.EDU> References: <Pine.BSF.3.95.961103152942.4517A-100000@groovy.dreaming.org>
next in thread | previous in thread | raw e-mail | index | archive | help
jamie wrote:
>
> I can't seem to get tcpd and sshd to coexist peacefully on the
> 960612-snap. tcpd thinks that port 22 is already in use so sshd barfs when
> every I try to connect to the machine using ssh. If someone could point
> out the config error I have made, I'd be truly grateful:)
If you are going to run it from inetd with tcpd, you will have
to run it with the following flag from the sshd man page:
-i Specifies that sshd is being run from inetd. Sshd
is normally not run from inetd because it needs to
generate the server key before it can respond to
the client, and this may take tens of seconds.
Clients would have to wait too long if the key was
regenerated every time. However, with small key
sizes (e.g. 512) using sshd from inetd may be fea-
sible.
If you configure it with '--with-libwrap' it will do all the
tcpd stuff for you (including looking at the hosts.[allow|deny]
files), then you can run it from rc.local and it won't have
to regenerate the key every time.
--
Mark O'Lear \ e-mail: Mark.Olear@Colorado.EDU
University of Colorado \ phone: (303) 492-3798
Telecomm. Svcs. (CB 313) \ fax: (303) 492-5105
Boulder, CO 80309 \
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?327E1A14.3B62>