This is the mail archive of the
cygwin
mailing list for the Cygwin project.
tcp_wrappers sshd hosts.allow problem
- From: Reini Urban <rurban at x-ray dot at>
- To: The Cygwin Mailing List <cygwin at cygwin dot com>
- Date: Fri, 2 Apr 2010 13:18:24 +0200
- Subject: tcp_wrappers sshd hosts.allow problem
Hi Chuck
The new tcp_wrappers-7.6-20 comes with a wrong
/etc/defaults/etc/hosts.allow file
--- hosts.allow~ 2009-03-29 08:28:51.000000000 +0200
+++ hosts.allow 2010-04-02 13:15:11.312500000 +0200
@@ -9,6 +9,6 @@
# port for the services you enable below.
#
ALL : localhost 127.0.0.1/32 [::1]/128 : allow
-ALL : PARANOID : deny
sshd: ALL
+ALL : PARANOID : deny
sshd : ALL behind ALL PARANOID : deny is ignored, It must be before.
Symptom:
$ /usr/sbin/sshd -d
debug1: sshd version OpenSSH_5.4p1
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-d'
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
now try to connect...
debug1: fd 4 clearing O_NONBLOCK
debug1: Server will not fork when running in debugging mode.
debug1: rexec start in 4 out 4 newsock 4 pipe -1 sock 7
debug1: inetd sockets after dupping: 3, 3
debug1: Connection refused by tcp wrapper
--
Reini Urban
http://phpwiki.org/ http://murbreak.at/
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple