ssh security
Chris Orr
chris at manual-override.net
Fri Sep 24 14:03:07 PDT 2004
When you build openssh, you need to be sure to add the --with-tcp-wrappers
argument when you run the configure script.
ex: ./configure --with-ssl-dir=../openssl --with-pam --with-tcp-wrappers
Hopefully this points you in the right direction.
-chris
On Fri, 24 Sep 2004, Terry wrote:
> Derek Ragona wrote:
>
>
> >> I tried to implement a similar scheme in my hosts.allow on a FreeBSD
> >> 5.2.1 server. But when I try to test it from an IP outside my LAN, it
> >> still allows ssh logins. I even put in a line in hosts.allow to
> >> explicitly deny the IP I was ssh'ing from, but it still let me in.
> >> The behavior gives the appearance that TCP wrappers are not enabled,
> >> and thus the /etc/hosts.allow file is ignored.
> >>
> >> Is there something I need to do to enable the wrappers in sshd? I saw
> >> that there is a compile option for the portable source from
> >> openssh.org, so I wonder if there is some compile option that needs to
> >> be enabled in make.conf?
> >>
> >> I have gone through the documentation for sshd_config, sshd,
> >> make.conf, etc. but am not finding anything to change.
> >>
> >> -Derek
> >>
> >>
More information about the freebsd-security
mailing list