sshd
Page 1 of 2 12 LastLast
Results 1 to 10 of 15

Thread: sshd

  1. #1
    Member
    Join Date
    Nov 2003
    Posts
    30

    sshd

    I have been trying to restric the access of my sshd using th following method:

    I set the hosts.deny to
    ALL:ALL

    and the hosts.allow for

    ALL: 10.0.0.1

    where the 10.0.0.1 is the ip I want to allow. but it won't allow the 10.0.0.1

    I may also configure this in my firewall setting but I want to know what is wrong.


    Thanks
    You are what you have conquered not what you have!

  2. #2
    @ΜĮЙǐЅŦГǻţΩЯ D0pp139an93r's Avatar
    Join Date
    May 2003
    Location
    St. Petersburg, FL
    Posts
    1,694
    Look at the first entry you made....
    Real security doesn't come with an installer.

  3. #3
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    IIRC, hosts.allow is supposed to be read first. http://www.linuxgazette.com/issue46/...pwrappers.html
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  4. #4
    Senior Member
    Join Date
    Apr 2004
    Posts
    1,130
    i thought that hosts.deny is no longer in use.
    try this:
    empty hosts.deny

    insert on hosts.allow

    ALL:10.0.0.1:ALLOW
    ALL:ALL:DENY

    Meu stio

    FORMAT C: Yes ...Yes??? ...Nooooo!!! ^C ^C ^C ^C ^C
    If I die before I sleep, I pray the Lord my soul to encrypt.
    If I die before I wake, I pray the Lord my soul to brake.

  5. #5
    @ΜĮЙǐЅŦГǻţΩЯ D0pp139an93r's Avatar
    Join Date
    May 2003
    Location
    St. Petersburg, FL
    Posts
    1,694
    Hmmm. I'll have to look into that...


    Question, is there possibly a router that is refusing the connection?
    Real security doesn't come with an installer.

  6. #6
    King Arana: Super Moderator
    Join Date
    Oct 2002
    Posts
    4,055
    I might be asking the obvious but are you behind a firewall? And wouldn't your concurrent first entry eliminate the chance of allowing a connection for the second one?
    Space For Rent.. =]

  7. #7
    Senior Member IKnowNot's Avatar
    Join Date
    Jan 2003
    Posts
    792
    I doubt I can help but more info may help others help you.

    What OS are we talking about here? What OS is the ssh daemon running on?

    What version of ssh ?

    Is the service controlled by TCP Wrappers ( thus utilizing using the hosts.allow then hosts.deny files, which is the order they will be looked at ) or is it controlled by Xinetd ?

    What type of authentication protocol are you using? [ version 1 or version 2 ]

    How did you set it up ?

    Did it work before you attempted to include the hosts* files ?

    Check the hosts.allow file. You are using a specific address here. Try adding the subnet mask, as in 'net/mask'
    OR
    end it with a period, as in "10.0.0.1." to match the address exactly. ( If I remember correctly with a period at the end it will be recognized as a string and match it, thus a string of " 10.0. " would match every address of 10.0.x.x )

    damn, I wish I had more time to help, ... and more knowledge!
    " And maddest of all, to see life as it is and not as it should be" --Miguel Cervantes

  8. #8
    Member
    Join Date
    Nov 2003
    Posts
    30
    I think what cacosapo said will work, I will try when I get home.

    I am behind a firewall but I opened (allowed) the sshd port.
    and it works fine when I don't try do block all domains only the one that I want to allow.

    I will give some feedback when give it the try
    You are what you have conquered not what you have!

  9. #9
    Member
    Join Date
    Nov 2003
    Posts
    30

    Angry

    I have tried:

    ALL: 80.
    ALL:ALLENY

    my Ip start with 80.
    so ALL: 80. would allow the class A

    if I do
    hosts.deny
    ALL:ALL

    and hosts.allow

    ALL:ALL


    it will accept any connection meaning that the hosts.allow is read last.

    I have also tried

    ALL: localhost
    ALL: .localhost
    ALL: 127.0.0.1

    and I tried to connect to my machine but it didn't accept.

    It must be a syntax error

    if anyone interested someone send me the man page
    http://www.rt.com/man/hosts_access.5.html

    I will have a look there to see if I can find what is wrong.


    I will get this **** working today!
    You are what you have conquered not what you have!

  10. #10
    Member
    Join Date
    Nov 2003
    Posts
    30
    OK I found the problem.

    I did What I should have done a long time ago.
    I looked at the log file
    and I got

    Jun 2 00:22:10 www sshd[1781]: refused connect from 0.0.0.0
    Jun 2 00:23:27 www sshd[1802]: refused connect from 0.0.0.0
    Jun 2 00:30:03 www sshd[1864]: refused connect from 0.0.0.0
    Jun 2 00:30:34 www sshd[1867]: refused connect from 0.0.0.0
    Jun 2 00:31:11 www sshd[1870]: refused connect from 0.0.0.0
    Jun 2 00:32:11 www sshd[1874]: refused connect from 0.0.0.0
    Jun 2 00:34:45 www sshd[2683]: refused connect from 0.0.0.0
    -------------------------------------------------------------
    Jun 2 00:36:10 www sshd[2689]: refused connect from 0.0.0.0
    Jun 2 00:36:33 www sshd[2693]: refused connect from 0.0.0.0


    most of the time I was trying to connect from my own PC, as the firewall is set to minimize DOS attack it would not
    do any kind of lookup, so I tried from an outside host and I got the same.

    So I will look my firewall now.
    You are what you have conquered not what you have!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •