OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: ssh2 bypasses host.allow in /etc/login.conf?
From: Dmitry Pryanishnikov (dmitrydigital.dp.ua)
Date: Mon Jul 24 2000 - 08:12:06 CDT


Hello!

On Sun, 23 Jul 2000, Mike Hoskins wrote:
> On Sun, 23 Jul 2000, Dmitry Pryanishnikov wrote:
>
> > Maybe I've missed something, but I mean NOT a file host.allow, but the
> > BSD-native login class restrictions written in /etc/login.conf, which
> > checked with auth_hostok() (or login_getclass()/login_getcapstr() as
> > in sshd.c from ssh1). Of course, make WITH_TCPWRAP=yes doesn't help!
>
> So... are these methods also in ssh2's .c file? Just curious... As Paul

 I haven't found them there ;(

> 2. Maybe this is just a case of getting bitten by this fact. Have you
> tried OpenSSH? A much better solution, IMCO.

 Sorry, I don't have sufficient time now, maybe later I'll try..

Sincerely, Dmitry

Dnipropetrovsk State University, E-mail: dmitrydigital.dp.ua
Physical Faculty, WWW: http://ff.dsu.dp.ua
Department of Experimental Physics
Dnipropetrovsk, Ukraine FTP: ftp://digital.dp.ua/DEC

To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message