Mail Archives: cygwin/2010/04/02/06:18:49

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2010/04/02/06:18:49

X-Recipient: archive-cygwin AT delorie DOT com

X-SWARE-Spam-Status: No, hits=1.4 required=5.0 tests=BAYES_50,DKIM_SIGNED,DKIM_VALID,FREEMAIL_FROM,RCVD_IN_DNSWL_NONE,SARE_MSGID_LONG40

X-Spam-Check-By: sourceware.org

MIME-Version: 1.0

Date: Fri, 2 Apr 2010 13:18:24 +0200

Message-ID: <k2w6910a61004020418r95cf717lf0a5aa92284cc775@mail.gmail.com>

Subject: tcp_wrappers sshd hosts.allow problem

From: Reini Urban <rurban AT x-ray DOT at>

To: The Cygwin Mailing List <cygwin AT cygwin DOT com>

X-IsSubscribed: yes

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm

List-Id: <cygwin.cygwin.com>

List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>

List-Archive: <http://sourceware.org/ml/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>

Sender: cygwin-owner AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

Delivered-To: mailing list cygwin AT cygwin DOT com

Hi Chuck

The new tcp_wrappers-7.6-20 comes with a wrong
/etc/defaults/etc/hosts.allow file

--- hosts.allow~        2009-03-29 08:28:51.000000000 +0200
+++ hosts.allow 2010-04-02 13:15:11.312500000 +0200
@@ -9,6 +9,6 @@
 #              port for the services you enable below.
 #
 ALL : localhost 127.0.0.1/32 [::1]/128 : allow
-ALL : PARANOID : deny
 sshd: ALL
+ALL : PARANOID : deny

sshd : ALL behind ALL PARANOID : deny is ignored, It must be before.
Symptom:

$ /usr/sbin/sshd -d
debug1: sshd version OpenSSH_5.4p1
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-d'
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.

now try to connect...

debug1: fd 4 clearing O_NONBLOCK
debug1: Server will not fork when running in debugging mode.
debug1: rexec start in 4 out 4 newsock 4 pipe -1 sock 7
debug1: inetd sockets after dupping: 3, 3
debug1: Connection refused by tcp wrapper

-- 
Reini Urban
http://phpwiki.org/           http://murbreak.at/

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

X-Recipient:	archive-cygwin AT delorie DOT com
X-SWARE-Spam-Status:	No, hits=1.4 required=5.0 tests=BAYES_50,DKIM_SIGNED,DKIM_VALID,FREEMAIL_FROM,RCVD_IN_DNSWL_NONE,SARE_MSGID_LONG40
X-Spam-Check-By:	sourceware.org
MIME-Version:	1.0
Date:	Fri, 2 Apr 2010 13:18:24 +0200
Message-ID:	<k2w6910a61004020418r95cf717lf0a5aa92284cc775@mail.gmail.com>
Subject:	tcp_wrappers sshd hosts.allow problem
From:	Reini Urban <rurban AT x-ray DOT at>
To:	The Cygwin Mailing List <cygwin AT cygwin DOT com>
X-IsSubscribed:	yes
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com