Re: [OpenIndiana-discuss] Does OpenIndiana's sshd obeys TCP wrappers?

2018-12-28 Thread Hubert Garavel
>> But I tried as you suggested, and managed to start sshd via inetd. >> The trick is to use inetconv and to run "sshd -i". I can provide >> detailed explanations on request. > > Provide instructions here on the list, please. It may be useful to have > the knowledge at some point. OK. I still in

Re: [OpenIndiana-discuss] web proxy server w/SSL/TLS termination (on OI)

2018-12-28 Thread Jerry Kemp
thank you, that does seem to be an interesting twist on my plan. Jerry Original Message From: Matjaž M Sent: Fri, Dec 28, 2018 3:17 PM CST To: Discussion list for OpenIndiana Subject: [OpenIndiana-discuss] web proxy server w/SSL/TLS termination (on OI) Hi Jerry, perhaps you c

Re: [OpenIndiana-discuss] web proxy server w/SSL/TLS termination (on OI)

2018-12-28 Thread Matjaž M
Hi Jerry, perhaps you could take a look at this: https://github.com/tenox7/wrp It is a proxy that renders the website in gif/png/jpeg with clickable imagemap for links. Its intent is to make older browsers usable on modern internet (modern html/css, encryption …

Re: [OpenIndiana-discuss] Does OpenIndiana's sshd obeys TCP wrappers?

2018-12-28 Thread Michal Nowak
On 12/28/18 06:30 PM, Hubert Garavel wrote: Hello Michal, looking at the patch which restores tcp-wrapper support in OpenSSH (upstream removed it in v6.7), it seems to me that tcp-wrapper is used only when sshd was started via inetd. Thanks for the info, this was helpful. On Oracle Solaris 10

Re: [OpenIndiana-discuss] Does OpenIndiana's sshd obeys TCP wrappers?

2018-12-28 Thread Hubert Garavel
Hello Michal, > looking at the patch which restores tcp-wrapper support in OpenSSH > (upstream removed it in v6.7), it seems to me that tcp-wrapper is used > only when sshd was started via inetd. Thanks for the info, this was helpful. On Oracle Solaris 10, the TCP wrappers are active even when

Re: [OpenIndiana-discuss] Does OpenIndiana's sshd obeys TCP wrappers?

2018-12-28 Thread Michal Nowak
On 12/23/18 11:39 AM, Hubert Garavel wrote: By default, support for TCP wrappers was removed from OpenSSH, unless it is compiled with the proper option. This seems to be indeed the case for OI's sshd: # ldd /usr/lib/ssh/sshd libwrap.so.1 => /usr/lib/64/libwrap.so.1 However, a

Re: [OpenIndiana-discuss] web proxy server w/SSL/TLS termination (on OI)

2018-12-28 Thread Jonathan Adams
Hi, we use Squid on OI, and it works well, but I don't think you'll be able to do what you want with your older sparc kit. when the browser connects to SSL, it opens up a tunnel through the proxy, over HTTP, and the browser still does all the work of TLS/SSL ... unless you're going to accelerate