Date: Mon, 04 Nov 1996 09:30:12 -0700 From: "Mark O'Lear" <Mark.Olear@Colorado.EDU> To: jamie <batsy@groovy.dreaming.org> Cc: freebsd-questions@FreeBSD.org Subject: Re: tcp_wrappers Message-ID: <327E1A14.3B62@Colorado.EDU> References: <Pine.BSF.3.95.961103152942.4517A-100000@groovy.dreaming.org>
next in thread | previous in thread | raw e-mail | index | archive | help
jamie wrote: > > I can't seem to get tcpd and sshd to coexist peacefully on the > 960612-snap. tcpd thinks that port 22 is already in use so sshd barfs when > every I try to connect to the machine using ssh. If someone could point > out the config error I have made, I'd be truly grateful:) If you are going to run it from inetd with tcpd, you will have to run it with the following flag from the sshd man page: -i Specifies that sshd is being run from inetd. Sshd is normally not run from inetd because it needs to generate the server key before it can respond to the client, and this may take tens of seconds. Clients would have to wait too long if the key was regenerated every time. However, with small key sizes (e.g. 512) using sshd from inetd may be fea- sible. If you configure it with '--with-libwrap' it will do all the tcpd stuff for you (including looking at the hosts.[allow|deny] files), then you can run it from rc.local and it won't have to regenerate the key every time. -- Mark O'Lear \ e-mail: Mark.Olear@Colorado.EDU University of Colorado \ phone: (303) 492-3798 Telecomm. Svcs. (CB 313) \ fax: (303) 492-5105 Boulder, CO 80309 \
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?327E1A14.3B62>