From: Matthew S. <msc...@pa...> - 2002-09-22 20:46:54

Jacques Nilo wrote:
> On Sunday 22 September 2002 21:31, sr wrote:
>>or is there more to do?
> Yes
> Check hosts.allow :-)
>
> Jacques

Hosts.allow only comes into play if sshd is being started via
/etc/inetd.conf:

==============================================================================
#:OTHER: Other services
ssh stream tcp nowait root /usr/sbin/tcpd /usr/sbin/sshd -i
==============================================================================

Following your docs, this would be commented out, and the daemon would
be running standalone from init.

A better line in your /etc/shorewall/rules would be something like:

ACCEPT net:128.287.333.12 fw tcp 22

or

ACCEPT net:128.287.333.0/24 fw tcp 22

if'n you know where'n ya'll are gonna be comin' from, because it's more
restrictive.

regards,
matthew
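
An added example, not part of the original message or of Shorewall itself: a small audit that reads rules in the column order shown above (ACTION SOURCE DEST PROTO PORT) and reports ACCEPT rules that open tcp 22 on the firewall without a usable source restriction. The function names, the firewall zone name "fw" and the sample rules (documentation addresses) are assumptions made for the illustration.

```python
import ipaddress

# Constructed sample rules; addresses come from the 192.0.2.0/24 documentation range.
SAMPLE_RULES = """\
# ACTION  SOURCE              DEST  PROTO  PORT
ACCEPT    net                 fw    tcp    22
ACCEPT    net:192.0.2.12      fw    tcp    22
ACCEPT    net:192.0.2.0/24    fw    tcp    ssh
ACCEPT    net                 fw    tcp    80,443
ACCEPT    net:0.0.0.0/0       fw    tcp    20:25
ACCEPT    net:192.0.2.300     fw    tcp    22
"""

def covers_ssh(ports):
    """True if a port column (name, list or lo:hi range) includes 22."""
    for item in ports.split(","):
        if item in ("22", "ssh"):
            return True
        if ":" in item:
            lo, hi = item.split(":", 1)
            if lo.isdigit() and hi.isdigit() and int(lo) <= 22 <= int(hi):
                return True
    return False

def source_problem(source):
    """Return why a SOURCE column is too broad or invalid, or None if restricted."""
    zone, _, hosts = source.partition(":")
    if not hosts:
        return "whole zone '%s' allowed" % zone
    for host in hosts.split(","):
        try:
            net = ipaddress.ip_network(host, strict=False)
        except ValueError:
            return "unparseable address '%s'" % host
        if net.prefixlen == 0:
            return "'%s' matches every address" % host
    return None

def audit(text):
    """Return (line_no, reason) for each ACCEPT rule exposing SSH on the firewall."""
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        cols = line.split("#", 1)[0].split()
        if len(cols) < 5 or cols[:1] != ["ACCEPT"] or cols[2] != "fw":
            continue
        reason = source_problem(cols[1])
        if cols[3] == "tcp" and covers_ssh(cols[4]) and reason:
            findings.append((no, reason))
    return findings
```

Calling audit(SAMPLE_RULES) returns the line numbers and reasons for the rules that still need a source restriction; rules with PROTO "all" or host exclusions are outside what this sketch parses.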