This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

tcp_wrappers sshd hosts.allow problem


Hi Chuck

The new tcp_wrappers-7.6-20 comes with a wrong
/etc/defaults/etc/hosts.allow file

--- hosts.allow~        2009-03-29 08:28:51.000000000 +0200
+++ hosts.allow 2010-04-02 13:15:11.312500000 +0200
@@ -9,6 +9,6 @@
 #              port for the services you enable below.
 #
 ALL : localhost 127.0.0.1/32 [::1]/128 : allow
-ALL : PARANOID : deny
 sshd: ALL
+ALL : PARANOID : deny

sshd : ALL behind ALL PARANOID : deny is ignored, It must be before.
Symptom:

$ /usr/sbin/sshd -d
debug1: sshd version OpenSSH_5.4p1
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-d'
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.

now try to connect...

debug1: fd 4 clearing O_NONBLOCK
debug1: Server will not fork when running in debugging mode.
debug1: rexec start in 4 out 4 newsock 4 pipe -1 sock 7
debug1: inetd sockets after dupping: 3, 3
debug1: Connection refused by tcp wrapper

-- 
Reini Urban
http://phpwiki.org/           http://murbreak.at/

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]