Page 2 of 2 FirstFirst 12
Results 11 to 15 of 15

Thread: sshd

  1. #11
    Wrong again
    It gives because it has not matched any host (or IP) so it says it has blocked which is my defaul
    setting to

    which is the same as

    Now I will try to block only the host that I want to allow.
    You are what you have conquered not what you have!

  2. #12
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Washington D.C. area
    if all is sound network wise, this is what you should do:


    sshd: IP or network : ALLOW


    sshd: ALL: ALL

    No restart of the service is needed. These rules will work immediately.
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  3. #13
    I get the following

    ssh_exchange_identification: Connection closed by remote host

    I am starting to think that the problem may be in somethingelse
    You are what you have conquered not what you have!

  4. #14
    Senior Member
    Join Date
    Apr 2004
    of course it was working before, with nothing default host. files and firewall disabled....
    i hope that you have tested that BEFORE start trying....
    just an idea...
    Meu sítio

    FORMAT C: Yes ...Yes??? ...Nooooo!!! ^C ^C ^C ^C ^C
    If I die before I sleep, I pray the Lord my soul to encrypt.
    If I die before I wake, I pray the Lord my soul to brake.

  5. #15
    Senior Member IKnowNot's Avatar
    Join Date
    Jan 2003
    if I do

    and hosts.allow


    it will accept any connection meaning that the hosts.allow is read last.

    If this works, great! You are on the right track but your reasoning is flawed.

    ( did you read the pm I sent yesterday ? )

    The hosts.allow file is read first. If a rule matches then the process is accepted and never reaches the hosts.deny file. If not, it then goes to the hosts.deny file. If a rule matches in the hosts.deny file the process stops there, because it matched a deny rule. If no rule in hosts.deny matches, then the process is accepted. That is why you need the “ ALL: ALL” in hosts.deny. It is the default policy to stop everything you did not specifically allow in the hosts.allow file. ( as you can imagine you can get very, very creative with these files but it is easy to make mistakes when you try to. Best to keep them as simple as you can )

    As I said, if what you did in the above quote works, great. It just means your syntax is wrong in the hosts.allow file. If it did not work then it did not work before including the hosts.* files. Your problem is elsewhere.
    " And maddest of all, to see life as it is and not as it should be" --Miguel Cervantes

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts