Fwd: [nycbug-talk] host.allow capability in login.conf ignored?

G. Rosamond george
Mon Oct 18 13:40:50 EDT 2004


Begin forwarded message:

> From: G. Rosamond <george at sddi.net>
> Date: October 18, 2004 1:35:04 PM EDT
> To: csnyder <chsnyder at gmail.com>
> Subject: Re: [nycbug-talk] host.allow capability in login.conf ignored?
>
>
> On Oct 18, 2004, at 12:51 PM, csnyder wrote:
>
>> I'd use /etc/hosts.allow, except I only want this restriction to apply
>> to a particular login class. And anyway, I think that only applies to
>> tcp-wrapped applications, of which ssh is not one.
>>
>>
>
> i know, but . . .
>
> # Wrapping sshd(8) is not normally a good idea, but if you
> # need to do it, here's how
> #sshd : .evil.cracker.example.com : deny
>
> but it doesn't deal with the login class you've created. . .true.
>
> in the past i found a number of problems with the login.conf doing 
> implementation, particularly with passwd restrictions. . .
>
> g
>





More information about the talk mailing list