Well, now I know why ALL: ALL in hosts.deny stopped things. It turns out that hosts.allow does not allow "ALL: my.ip.address" but is happy with "ALL: 203.x.y.z" or even "ALL: 203.x.y." There is a note about this regarding the portmapper but I had not realised that the portmapper is involved.
The working entries are:- hosts.allow sshd: 203.x.y.z hosts.deny ALL: ALL Thanks to you both. Lindsay On Mon, 7 Aug 2000, Noah L. Meyerhans wrote: > -----BEGIN PGP SIGNED MESSAGE----- > > These are by no means irrelevant to sshd, even if it is not run from > inetd. Read the man page for sshd, in which you'll see that it can be > build with direct support for tcp_wrappers. If it is (I don't know what > the configure options in the Debian build are, but I suspect it is), then > 'sshd: ALL' or whatever should work in /etc/hosts.allow and .deny. > > OTOH, Lindsay should also check for AllowHosts or DenyHosts in > /etc/ssh/sshd_config...man sshd for more info. > > HTH, > noah > > On Mon, 7 Aug 2000, Eric G . Miller wrote: > > > On Mon, Aug 07, 2000 at 09:48:13PM +0800, Lindsay Allen wrote: > > > > > > Hello world, > > > > > > I have a hosts_access problem. > > > > > > hosts.deny has the line > > > ALL:ALL > > > > > > This stops me logging in with ssh. The problem is that if I put a line in > > > hosts.allow like > > > sshd: my.ip.address > > > the rule does not match because sshd does not feature in inetd.conf. > > > > > > What have I missed? > > > > The fact that these files are irrelevant to sshd unless it's run from > > inetd. Possibly a firewall, or simply a misconfigured sshd is the real > > culprit. > > > > -- > > MegaHAL quote: > > I think a blowpipe is a marijuana cigarrette. > > It'll get you deleted! > > > > > > -- > > Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null > > > > > > > _______________________________________________________ > | Web: http://web.morgul.net/~frodo/ > | PGP Public Key: http://web.morgul.net/~frodo/mail.html > > > -----BEGIN PGP SIGNATURE----- > Version: PGPfreeware 5.0i for non-commercial use > Charset: noconv > > iQCVAwUBOY6+/IdCcpBjGWoFAQE6igP9FWdo+vXZdVhQUMmUiV9h74/3vgjXGhF1 > wjNfAU4I2cfG0N5az1nB+vqH8c0ERok67JpP1LzSkOSZTkBt1qZssRk/4+5UiPko > pJ0Ppfv2akgtnWmHdK6U15BqgK++gRSwJWSb1156puKkqWCHY9VDPk01CaHpnGH0 > hSg+jkoUIG0= > =P2c/ > -----END PGP SIGNATURE----- > > > -- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Lindsay Allen <[EMAIL PROTECTED]> Perth, Western Australia voice +61 8 9316 2486, 0403 272 564 32.0125S 115.8445E Debian Linux =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
