[OpenIndiana-discuss] Does OpenIndiana's sshd obeys TCP wrappers?
Hubert Garavel
hubert.garavel at inria.fr
Sun Dec 23 10:39:27 UTC 2018
By default, support for TCP wrappers was removed from OpenSSH, unless
it is compiled with the proper option. This seems to be indeed the case
for OI's sshd:
# ldd /usr/lib/ssh/sshd
libwrap.so.1 => /usr/lib/64/libwrap.so.1
However, after setting "/etc/hosts.deny" to "ALL: ALL" and
"/etc/hosts.allow" to a single line "sendmail: localhost",
sshd still accepts incoming connections from other hosts,
whereas such incoming SSH connections should be blocked by
the TCP wrappers.
Any idea?
More information about the openindiana-discuss
mailing list