X-Recipient: archive-cygwin AT delorie DOT com X-SWARE-Spam-Status: No, hits=1.4 required=5.0 tests=BAYES_50,DKIM_SIGNED,DKIM_VALID,FREEMAIL_FROM,RCVD_IN_DNSWL_NONE,SARE_MSGID_LONG40 X-Spam-Check-By: sourceware.org MIME-Version: 1.0 Date: Fri, 2 Apr 2010 13:18:24 +0200 Message-ID: Subject: tcp_wrappers sshd hosts.allow problem From: Reini Urban To: The Cygwin Mailing List Content-Type: text/plain; charset=ISO-8859-1 X-IsSubscribed: yes Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Hi Chuck The new tcp_wrappers-7.6-20 comes with a wrong /etc/defaults/etc/hosts.allow file --- hosts.allow~ 2009-03-29 08:28:51.000000000 +0200 +++ hosts.allow 2010-04-02 13:15:11.312500000 +0200 @@ -9,6 +9,6 @@ # port for the services you enable below. # ALL : localhost 127.0.0.1/32 [::1]/128 : allow -ALL : PARANOID : deny sshd: ALL +ALL : PARANOID : deny sshd : ALL behind ALL PARANOID : deny is ignored, It must be before. Symptom: $ /usr/sbin/sshd -d debug1: sshd version OpenSSH_5.4p1 debug1: read PEM private key done: type RSA debug1: private host key: #0 type 1 RSA debug1: read PEM private key done: type DSA debug1: private host key: #1 type 2 DSA debug1: rexec_argv[0]='/usr/sbin/sshd' debug1: rexec_argv[1]='-d' debug1: Bind to port 22 on 0.0.0.0. Server listening on 0.0.0.0 port 22. now try to connect... debug1: fd 4 clearing O_NONBLOCK debug1: Server will not fork when running in debugging mode. debug1: rexec start in 4 out 4 newsock 4 pipe -1 sock 7 debug1: inetd sockets after dupping: 3, 3 debug1: Connection refused by tcp wrapper -- Reini Urban http://phpwiki.org/ http://murbreak.at/ -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple