openssh unix dev - Jun 2021 - Bringing back tcp wrappers

On 24/6/21 12:24 am, Saint Michael wrote:
> I compiled the latest version, 8.1, inside Centos 7.9, and to my dismay,
> there was no support for libwrap, which offers a level of protection that
> is added to a firewall, but in my opinion, it works better.
Why can't you use tcpd and sshd -i?

On 6/25/21 3:46 AM, David Newall wrote:
> On 24/6/21 12:24 am, Saint Michael wrote:
>> I compiled the latest version, 8.1, inside Centos 7.9, and to my
dismay,
>> there was no support for libwrap, which offers a level of protection
that
>> is added to a firewall, but in my opinion, it works better.
> Why can't you use tcpd and sshd -i?
If you want, you can as I played with it when we were removing this from 
Fedora:

https://fedoraproject.org/wiki/Changes/Deprecate_TCP_wrappers#Migration_to_tcpd

Its not nice, you need some tweaks from the default OS installation, but 
if this is really your only layer of defense you need to rely on, it is 
indeed possible.

Regards,
-- 
Jakub Jelen
Crypto Team, Security Engineering
Red Hat, Inc.