TCLUG Archive

Re: [TCLUG:3567] More Security Questions...



Scott K. Johnson wrote:
> When you guys say you block other ports, do you simply comment out the
> corresponding entry in /etc/services?  Or is there more to it than that?
> 
> From what I understand (no smart remarks...8p), tcp wrappers are used with
> services like ftp, telnet, etc.  Can they be used with ssh?  How does that
> relationship work?

I use tcpwrappers with ssh. I had to run the daemons through inetd though. It's not too hard. ssh runs on port 22 by default. Just add this into /etc/services

ssh	22/tcp

and this into /etc/inetd.conf

ssh     stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/local/sbin/sshd1 -i

type

restart inetd and sshd should be started when a request comes in. Make sure you do not try to run sshd from the shell or one of the rc files. Now you will be able to control ssh access using the /etc/hosts.* files. You should also get more detailed log entries.  

-- 
Hans D Umhoefer (spudling@acm.cs.umn.edu)
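
Added example, not part of the original message: a small shell audit that reads an inetd.conf-style file and reports which services are started through tcpd and which bypass it. For wrapped entries it also prints the daemon name that tcpd matches in the /etc/hosts.* files, which is the basename of argv[0] (sshd1 for the line above), not the /etc/services name. The function names and every sample line except the ssh entry are constructed for illustration.

```shell
#!/bin/sh
# Audit inetd.conf entries: is each external service wrapped by tcpd?
# inetd.conf fields: service  socktype  proto  wait  user  server  argv[0] args...

# Constructed sample input (only the ssh line comes from the message above).
sample_inetd_conf() {
cat <<'EOF'
# constructed sample, not taken from a real host
ssh     stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/local/sbin/sshd1 -i
ftp     stream  tcp     nowait  root    /usr/sbin/tcpd  in.ftpd -l
telnet  stream  tcp     nowait  root    /usr/sbin/in.telnetd  in.telnetd
#finger stream  tcp     nowait  nobody  /usr/sbin/tcpd  in.fingerd

daytime stream  tcp     nowait  root    internal
EOF
}

# Reads the file named in $1, or stdin when no argument is given.
audit_inetd() {
    awk '
        $1 ~ /^#/ || NF < 6 { next }     # comments, blank and malformed lines
        $6 == "internal"    { next }     # inetd built-ins never reach tcpd
        {
            n = split($6, srv, "/")      # basename of the server program
            if (srv[n] == "tcpd" && NF >= 7) {
                m = split($7, dmn, "/")  # basename of argv[0] = hosts.* daemon name
                printf "WRAPPED %s daemon=%s\n", $1, dmn[m]
            } else {
                printf "UNWRAPPED %s server=%s\n", $1, $6
            }
        }
    ' "$@"
}

# Stand-alone run on the constructed sample.
sample_inetd_conf | audit_inetd
```

On a real host, run `audit_inetd /etc/inetd.conf`; any UNWRAPPED line is a service that the /etc/hosts.* rules do not cover.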