Subject: hosts.allow help with ssh

Mailing List

Home

Forum Home

Linux - General Red Hat Linux discussion list

Installation - Getting started with Red Hat Linux

Enterprise Linux 3 - Discussion of Red Hat Enterprise Linux 3 (Taroon)

Red Hat Linux 9 - Discussion of Red Hat Linux 9 (Shrike)

Red Hat Linux 7.2 - Discussion of Red Hat Linux 7.2 (Enigma)

Red Hat Linux 7.3 - Discussion of Red Hat Linux 7.3 (Valhalla)

Apache Web Server

Oracle database, Microsoft SQL server ...

Subjects

•	Subject: application/x mplayer2 plugin
•	RPM error: db4 error(16) from dbenv >remove: Device or resource busy
•	Command stream end of file while reading
•	Subject: X Windows problem (xauth)
•	Subject: Upgrading openoffice 1 1 rpm
•	Subject: FTP: connection refused
•	Subject: FTP: connection refused
•	mount: /dev/cdrom: is not a valid block device
•	Dell Precision 650, RedHat 9, no sound
•	how to trace the cause resulting in the crash of bind server
•	Virus on the list
•	UNINSTALL RPM MYSQL
•	usb pen drives: mounting as a user
•	Subject: broadcom network interface
•	make mrproper
•	Couldn 't open PID file /var/run/named/named pid Permission denied
•	sendmail configuration on redhat
•	kernel 2 6 and /dev/sound/mixer not found
•	Subject: Promise 378 controller
•	Subject: Problem using up2date
•	mrtg step by step howto/configuration for a newbie?
•	Compiling and Installing Kernel 2 6
•	Can 't locate module ppp0, can 't locate module ppp compress 21
•	Subject: Lotus Notes under Wine
•	HOW I CAN MAKE BOOTABLE FLOPPY DISKET
•	/etc/security/limits conf question
•	Intel E/1000 driver
•	rpm database corrupt
•	Command stream end of file while reading
•	qla2300 modules

Subject: hosts.allow help with ssh

Subject: hosts.allow help with ssh

2004-05-13 - By Michael Cortes

Back
-- --BEGIN PGP SIGNED MESSAGE-- --
Hash: SHA1

I have a couple servers behind the firewall, which don't have anything in the
"hosts.allow" file. I wanted to provide more security so I copied and
modified a "hosts.allow" file from another box.

Below is my "hosts.allow" file with some hidden stuff (ip addresses)

My problems are this:

First:

When I put the file on the server I wanted to "load" or "activate" it. (Not
sure what the proper terminology is). I tried "service xinetd restart".
Didn't work. So I just rebooted it. What is the proper way to do this?

Second:

One I rebooted and the hosts.allow was active, I could no longer ssh to this
box from anywhere behind my firewall (same network as this server) and my
main server in the DMZ could not mysql to it. The main server connects to
the mysqld to pull up dynamic web site info.

Can any help

************* hosts.allow **********************

sshd: 192.168.xxx. : (usr/sbin/safe_finger -l | /bin/mail -s "Access by %d-%h"
root) & : ALLOW
sshd: 192.168.xxx. : (usr/sbin/safe_finger -l | /bin/mail -s "Access by %d-%h"
root) & : ALLOW
sshd: 192.168.xxx. : (usr/sbin/safe_finger -l | /bin/mail -s "Access by %d-%h"
root) & : ALLOW
sshd: 192.168.xxx. : (usr/sbin/safe_finger -l | /bin/mail -s "Access by %d-%h"
root) & : ALLOW

sendmail: ALL : ALLOW

ipop3d: ALL : spawn (/usr/sbin/safe_finger -l | /bin/mail -s "Access by %d-%h"
root) & : ALLOW

imapd: ALL : spawn (/usr/sbin/safe_finger -l : /bin/mail -s "Access by %d-%h"
root) & : ALLOW

# Additional items

ALL: xxx.xxx.xxx.xxx : ALLOW

in.fingerd: ALL : spawn (/usr/sbin/safe_finger -l @%h | /bin/mail -s "Finger
Access %d-%h" root) & : ALLOW

ALL : ALL : spawn (/usr/sbin/safe_finger -l @%h | /bin/mail -s "Port Denial
noted %d-%h" root) & : DENY

- --

Michael Cortes
Fort LeBoeuf School District
34 East Ninth Street
PO Box 810
Waterford PA 16441-0810
814.796.4795
AIM: cortesm67
-- --BEGIN PGP SIGNATURE-- --
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFAo2YOoPG25PauKIkRAvucAKCury4OlcMt9/zdMc/yc50wLYN/VACg0SZU
5tcdRZc9on4JS2A6BW/8m+4=
=9lSO
-- --END PGP SIGNATURE-- --

__ ____ ____ ____ ____ ____ ____ ____ ____ ____
Valhalla-list mailing list
Valhalla-list@(protected)
https://www.redhat.com/mailman/listinfo/valhalla-list