sshd basics
Mike Starke
plug-discuss@lists.plug.phoenix.az.us
Mon, 5 May 2003 20:17:41 -0500
On Mon, May 05, 2003 at 05:09:56PM -0700, eric wrote:
/_Ok,
/_
/_live and learn.....
/_
/_i commented everything out of /etc/hosts.deny, and i deleted the sshd part
/_of /etc/hosts.allow and changed it (i.e., changed the first line) to
/_ALL:ALL.
/_
/_So now it works. I am so happy!! But now my box is wide open. Sigh.
/_Does anyone have suggestions for reconfiguring TCPWrappers to improve
/_security?
/_
:-)
I always put one line in /etc/hosts.deny
ALL:ALL
Then, open as needed in /etc/hosts.allow
The easiest, I have found, is
sshd:<local_lan>
That's it. Combine that with a good filter, and I think
you should be good to go.
v/r
-Mike