similar to: VETO! Re: heads up: tcpwrappers support going away

Displaying 20 results from an estimated 500 matches similar to: "VETO! Re: heads up: tcpwrappers support going away"

2014 Apr 22
2
heads up: tcpwrappers support going away
Hi, This is an early warning: OpenSSH will drop tcpwrappers in the next release. sshd_config has supported the Match keyword for a long time and it is possible to express more useful conditions (e.g. matching by user and address) than tcpwrappers allowed. Removing it reduces the amount of code in the 'hot' pre-authentication path in sshd and rids us of a dependency. -d
2008 Apr 24
3
TCPWrappers + Sendmail = not working
I have set up entries in /etc/hosts.allow and /etc/hosts.deny as follows: /etc/hosts.allow sendmail : 10.0.0.0/255.0.0.0 sendmail : LOCAL /etc/hosts.deny sendmail : ALL When I try to connect to port 25 from an Internet host via telnet, the server still responds as usual. The only difference I see is this in my /var/log/maillog: Apr 24 15:41:49 server sendmail[20691]: m3OKfna20691: tcpwrappers
2007 Sep 25
1
Samba and TCPWrappers
Good Morning, I have a Centos 4.5 (x86_64) server running samba to share data with windows users. We've been going through a security audit and the following log entries were noted: [2007/09/24 09:37:29, 0] rpc_server/srv_util.c:get_alias_user_groups(206) get_alias_user_groups: gid of user bendew doesn't exist. Check your /etc/passwd and /etc/group files [2007/09/24 09:37:29, 1]
2011 Apr 28
1
port forwarding
Hi, I'm using CentOS release 5.6 (Final) and Xen 3.1. I'm writing to ask how to configure port forwarding. With virt-manager 0.6.1 I added the machines, but there I don't see an option for port forwarding. I would like to reach the VM on a specific port of the host machine. Once the machinces are running, I can configure iptables so that the port forwarding works, but after
2014 Apr 23
3
hackers celebrate this day: openssh drops security! was: Re: heads up: tcpwrappers support going away
On 23 April 2014 21:43, mancha <mancha1 at zoho.com> wrote: > On Wed, Apr 23, 2014 at 12:26:58PM -0700, Iain Morgan wrote: >> A slightly better solution would be a PAM module that uses the same >> syntax as libwrap. Possibly someone has already written such a module. > > Possibly, but only for platforms which use for PAM. Pam is executed so late in the chain that any
2005 Jan 17
19
[Bug 973] sshd behaves differently while doing syslog entries for tcpwrappers denied message, with -r and without -r option.
http://bugzilla.mindrot.org/show_bug.cgi?id=973 Summary: sshd behaves differently while doing syslog entries for tcpwrappers denied message, with -r and without -r option. Product: Portable OpenSSH Version: 3.9p1 Platform: All OS/Version: All Status: NEW Severity: normal
2013 Jul 03
1
tcpwrappers
hi everybody having I believe sort of plain-vanilla config with section in 10-tcpwrapper.conf as per docs login_access_sockets = tcpwrap service tcpwrap { unix_listener login/tcpwrap { group = $default_login_user mode = 0600 user = $default_login_user } } /etc/hosts.deny contains: ALL: given_host and yet dovecot logins IMAP client in whereas other tcpwrapper aware
2013 Jun 28
1
IMAPS: Disable SSL connection without client certificate
I've been using Dovecot 2.1.8 on OpenBSD 5.2 i386 for about a month. It works great. Dovecot serves IMAPS only, and I'm using Thunderbird to access my mail. I configured Dovecot to allow clients that present a valid certificate when establishing SSL connection. I configure my Thunderbird for SSL/TLS connection with normal password. It works fine. However, with my config anybody
2011 Jul 27
1
dovecot and tcpwrappers
Hi, I used dovecot 1.x for quite a while and it worked fine. However, I used it through inetd and used hosts.allow/deny to restrict access to only certain groups of systems. Since yesterday I have dovecot 2.0.13. But in version 2.0.13 it seems that starting using inetd doesn't work anymore : I only get a strange error message if I try to connect using telnet : telnet localhost imap
2007 Feb 12
0
tcpwrappers hosts.allow netmask problem
I can't seem to get netmask notations to work in /etc/hosts.allow on my Centos 4.4 systems. The docs seem to indicate that network specifications like 192.168.100.0/24 or 192.168.100.0/255.255.255.0 should work. However, I can only get networks specified like 192.168.100. to work. Anyone know what I'm missing? Thanks, Tom
2017 Sep 26
0
CentOS 7 & TCPWRappers & spawn ..
Hello there ! Has anyone managed to make work on tcp wrappers on hosts.allow the swpan command in order to check the ip if it is on the permitted one ..? __________ Information from ESET Endpoint Antivirus, version of detection engine 16143 (20170926) __________ The message was checked by ESET Endpoint Antivirus. Email message - is OK http://www.eset.com
2012 Jan 19
1
LMTP ignoring tcpwrappers
Hello, we want to use dovecot LMTP for efficient mail delivery from our MX servers (running postfix 2.8) to our storage servers (dovecot 2.0.17). However, the one problem we see is the lack of access control when using LMTP. It apears that every client in our network who has access to the storage machines can drop a message in a Maildir of any user on that storage server. To prevent this
1998 Dec 15
1
portmap & tcpwrappers
I don't know if this is RedHat 5.1 specific, but be aware that the version of portmap distributed is the enhanced (Wietse Venema) version. That's great, except for two things. The first is documented, but easy to overlook: "In order to avoid deadlocks, the portmap program does not attempt to look up the remote host name or user name...The upshot of all this is that only network
2024 Jan 06
1
Samba AD - two servers - backup and restore AD procedure
Hi All! I would be grateful for clarification of my doubts about backups and restoration of the AD environment. What is the best strategy for backing up and restoring a Samba AD domain in the following scenarios: * server1 - active directory service (7 FSMO roles) * server2 - active directory service + Samba file server The considered disaster recovery scenarios are: - Corruption of the AD
2012 Oct 17
24
[zfs] portable zfs send streams (preview webrev)
We have finished a beta version of the feature. A webrev for it can be found here: http://cr.illumos.org/~webrev/sensille/fits-send/ It adds a command ''zfs fits-send''. The resulting streams can currently only be received on btrfs, but more receivers will follow. It would be great if anyone interested could give it some testing and/or review. If there are no objections,
2014 Feb 20
2
HP dl580 g5 RAID management
If this were a Dell RAID, I could use megaraid while the system's running. Does anyone know what I need to use to manage the HP "amart array" RAID? I've got an orange light on a drive, and can't find, googling, whether I can just pull the drive, or if I have to separate it from the RAID, or.... And can't bring the system down to use the firmware interface, not without
2003 Sep 17
2
problem with configure in openssh-3.7p1
Problem: setting --with-tcpwrappers does not configure code to be compiled with wrapper support Solution: references to with_tcp_wrappers (lines 4975, 6396, 6397) need to be changed to with_tcpwrappers David Purks Sr Sys Admin Cogent Communications
2012 Sep 25
2
OpenSSH banner doesnot display multibyte characters like korean
Hello, The banner message displayed on the screen contain octal values instead of korean chars. Prior to ssh 5.1 the banner message would display the charaters properly. I understand that starting from 5.1 the message is passed through strnvis() function. I looked into documentation on strnvis and found that it does not support multibyte chars and doesnt work well with international chars.
2001 Sep 19
1
Unable to run sshd after Installing Openssh 2.9p2 on Solaris 8
I've installed Openssh 2.9p2 on a Solaris 8 machine with tcpwrappers installed and used "./configure --with-tcp-wrappers" to configure the installation. Whenever I try to run sshd I receive the following error: sshd: Cannot find ELF Killed. Does anyone have any ideas as to what this error means and what I need to do to correct it? Thanks! -------------- next part --------------
2020 Aug 26
1
Dovecot 2.3.11.4 - Centos 6&7 packages
Hi! We have pushed new versions for these packages that now support tcpwrappers. They were inadvertendly left out from last time, but now they have been restored. Sorry for the inconvenience. Regards, Aki Tuomi Open-Xchange oy