Mailinglist Archive: opensuse-security (520 mails)
| < Previous | Next > |
Re: [suse-security] openssh - restrict logins
- From: Bob Vickers <bobv@xxxxxxxxxxxxx>
- Date: Fri, 5 Jul 2002 10:22:38 +0100 (BST)
- Message-id: <Pine.OSF.4.44.0207051016420.1702-100000@xxxxxxxxxxxxxxxxxxxxx>
Luke,
This is a misunderstanding (possibly the documentation could be clearer).
When hosts.allow was invented it was primarily for use by tcpd. But the
library routines can be used by other daemons as well, e.g. sendmail, sshd
and portmap. So you don't have to run inetd in order to take advantage of
hosts.allow .
The stock hosts.allow is pretty well documented in recent SuSE releases.
Bob
On Fri, 5 Jul 2002,
Luke Loh wrote: >
> I am running openssh and SuSEfirewall2 and would like to restrict ssh
> access to certain hosts.
>
> I have read the openssh docs and it seems I need to do this in
> hosts.allow, but this means that I need to have inetd / tcp-wrappers
> running. Is it possible to do this in SuSEfirewall2 without having inetd
> running?
>
==============================================================
Bob Vickers R.Vickers@xxxxxxxxxxxxx
Dept of Computer Science, Royal Holloway, University of London
WWW: http://www.cs.rhul.ac.uk/home/bobv
Phone: +44 1784 443691
This is a misunderstanding (possibly the documentation could be clearer).
When hosts.allow was invented it was primarily for use by tcpd. But the
library routines can be used by other daemons as well, e.g. sendmail, sshd
and portmap. So you don't have to run inetd in order to take advantage of
hosts.allow .
The stock hosts.allow is pretty well documented in recent SuSE releases.
Bob
On Fri, 5 Jul 2002,
Luke Loh wrote: >
> I am running openssh and SuSEfirewall2 and would like to restrict ssh
> access to certain hosts.
>
> I have read the openssh docs and it seems I need to do this in
> hosts.allow, but this means that I need to have inetd / tcp-wrappers
> running. Is it possible to do this in SuSEfirewall2 without having inetd
> running?
>
==============================================================
Bob Vickers R.Vickers@xxxxxxxxxxxxx
Dept of Computer Science, Royal Holloway, University of London
WWW: http://www.cs.rhul.ac.uk/home/bobv
Phone: +44 1784 443691
| < Previous | Next > |