Anton Shterenlikht <me...@bristol.ac.uk> writes:
> I'm very grateful for all advice, but I'm still unsure
> why denying ssh access to a particular host via /etc/hosts.allow
> is a bad idea.
As far as I recall, the reason the warning was added to the manual was
that it's fairly heavy on resources to implement that way (especially
back before the wrapper support was added to sshd; running it out of
inetd added quite a bit of lag). It is also liable to problems from the
idiosyncratic configuration syntax.
By and large, you'd be better off with a firewall, but hosts.allow will
certainly work if you want to do that.
--
Lowell Gilbert, embedded/networking software engineer, Boston area
http://be-well.ilk.org/~lowell/
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
