ssh, hosts.allow, hosts.deny, and dyndns names
Owen Townend
owen.townend at gmail.com
Sat Mar 29 12:12:42 UTC 2008
On 28/03/2008, Bob Sterne <bob at example.com> wrote:
>
> I had "sshd: .cn" in my server's hosts.deny file, and a dyndns setup
> on my laptop, with "sshd: myLaptopDyndns.host.name" (redacted) in
> hosts.allow on the server.
>
> I thought hosts.allow took precedence over hosts.deny, but when I was
> in China, it wouldn't let me log in. (I had to log into another
> machine somewhere else to log into my server to take "sshd: .cn" out
> and restart sshd, before it would work.)
>
> Is hosts.allow supposed to override hosts.deny?
>
> Or is the problem that dyndns-type addresses don't "reverse lookup"
> from the dynamic IP?
>
> Thanks
>
>
>
>
> --
> ubuntu-users mailing list
> ubuntu-users at lists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
>
Hey,
Looks like you got it right - hosts.allow is matched before hotst.deny so it
must be something else, perhaps the reverse lookup as you mentioned.
Try `man hosts_access`, it lists the access rules for sshd and how to
implement them.
cheers,
Owen.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20080329/82149d16/attachment.html>
More information about the ubuntu-users
mailing list