On Sat, Apr 27, 2002 at 01:14:44PM -0700, Paul Overby wrote: > Thanks to anyone who took their precious time to check my problem but I > figured it out. Request was being rejected because of the hosts.deny > file even though I had ssh in the hosts.allow file. > What's the correct specification for hosts.allow. As far as I know, the current convention is to not use the host.deny file at all, but put all your ALLOW and DENY rules in you host.allow. For ssh you would do something like sshd: ip.to.allow : rfc931 : ALLOW sshd: ALL : DENY That will allow ssh connection from ip.to.allow. If you need to allow ssh connection from everywhere, I suggest sshd: ALL EXCEPT PARANOID : rfc931 : ALLOW That will allow ssh connection except from hosts who's forward and reverse DNS entries don't match. These same rules can be used for other services, too, making the appropriate substitutions, of course. Gabe -- Gabe Turner gabe at msi.umn.edu SGI Origin Systems Administrator, University of Minnesota Supercomputing Institute for Digital Simulation and Advanced Computation www.msi.umn.edu