TCLUG Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [TCLUG:3567] More Security Questions...
- To: tclug-list@listserv.real-time.com
- Subject: Re: [TCLUG:3567] More Security Questions...
- From: Hans Davin Umhoefer <spudling@acm.cs.umn.edu>
- Date: Thu, 21 Jan 1999 10:57:15 -0600
- In-Reply-To: <004701be44b2$1b8f5bc0$0201a8c0@peanut.home.net>; from Scott K. Johnson on Wed, Jan 20, 1999 at 02:18:54PM -0600
- References: <004701be44b2$1b8f5bc0$0201a8c0@peanut.home.net>
Scott K. Johnson wrote:
> When you guys say you block other ports, do you simply comment out the
> corresponding entry in /etc/services? Or is there more to it than that?
>
> >From what I understand (no smart remarks...8p), tcp wrappers are used with
> services like ftp, telnet, etc. Can they be used with ssh? How does that
> relationship work?
I use tcpwrappers with ssh. I had to run the daemons through inetd though. It's not too hard. ssh runs on port 22 by default. Just add this into /etc/services
ssh 22/tcp
and this into /etc/inetd.conf
ssh stream tcp nowait root /usr/sbin/tcpd /usr/local/sbin/sshd1 -i
type
restart inetd and sshd should be started when a request comes in. Make sure you do not try to run sshd from the shell or one of the rc files. Now you will be able to control ssh access using the /etc/hosts.* files. You should also get more detailed log entries.
--
Hans D Umhoefer (spudling@acm.cs.umn.edu)