[Bug 1024744] New: openssh: no support tcpwrapper
http://bugzilla.opensuse.org/show_bug.cgi?id=1024744 Bug ID: 1024744 Summary: openssh: no support tcpwrapper Classification: openSUSE Product: openSUSE Distribution Version: Leap 42.2 Hardware: x86-64 OS: openSUSE 42.2 Status: NEW Severity: Critical Priority: P5 - None Component: Network Assignee: bnc-team-screening@forge.provo.novell.com Reporter: g.onay@ove.at QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- Hi There is no support in sshd for the tcpwrapper (hosts.allow). This was also in openSUSE 13.2. In openSUSE 13.1 and Leap 42.1 there was support and in Leap 42.2 again not. Why is this? This is not consistent. We need to check after every update for support of tcpwrapper in openssh. This is not safe. Please build openssh packages with support for tcpwrapper. Thanks. Best regards -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1024744
http://bugzilla.opensuse.org/show_bug.cgi?id=1024744#c1
Andreas Stieger
* Sun Apr 17 2016 - upgrade to 7.2p2 (FATE#319675) [...] * sshd(8): Support for tcpwrappers/libwrap has been removed.
This has been known for years: http://lists.mindrot.org/pipermail/openssh-unix-dev/2014-April/032497.html Alternative sshd configuration exist, read about "Match". -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1024744
http://bugzilla.opensuse.org/show_bug.cgi?id=1024744#c2
--- Comment #2 from Gabriel Onay
http://bugzilla.opensuse.org/show_bug.cgi?id=1024744
http://bugzilla.opensuse.org/show_bug.cgi?id=1024744#c3
--- Comment #3 from Gabriel Onay
Yes I know this message since the upgrade of openSUSE 13.1 to 13.2. Openssh in version 13.2 had no support for the tcpwrapper. I then installed the version of Leap 42.1 because it had the support.
The version 7.2p2 in Leap 42.2 also has the support, you just have to compile it with it. The other Linux distributions compile openssh with tcpwrapper.
I also know that one can configure the access protection in openssh, but we prefer to use hosts.allow as the central configuration.
https://lists.mindrot.org/pipermail/openssh-unix-dev/2016-March/034982.html
-- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com