sshd and tcpwrappers
jeremy at linuxfromscratch.org
Tue Feb 3 23:50:16 PST 2004
On Tue, 2004-02-03 at 23:16, P.R. wrote:
> I want to know if sshd uses the tcpwrappers (hosts.allow etc)
> functionality by default = when following the book.
> There is a switch in the configure-script: --with-tcp-wrappers.
> I think it wouldnt be there if not needed, so I don't think sshd will
> NOT utilize tcpd, unless I recompile it again.
> Is this right or wrong?
> I found this message from last July
> and I think even more I have to recompile and reinstall sshd again :-/
> I also think it should be at least mentioned with one short one sentence
> in the book, because this is a basic feature.
Personally, using tcp-wrappers with sshd is a BadThing (TM). TCP
wrappers works by wrapping the binary by the tcpd program in inetd - and
sshd shouldn't EVER be run via inetd - I forget the details, but
something about excessive key generation or something to that effect -
you can definately find more information on the web about it.
Or, I suppose I could be completely misunderstanding how tcp-wrappers
works, and might be way off base.
More information about the blfs-support