01-08-2009
Hosts.deny entry
Hello I want to block individuals who attempt to use ssh to loggon to one of my machines from a certain IP address. I added the following entry in hosts.deny. Will the entry do what I want to do?
ssh: 202.111.128.225
10 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
Hey people i need a little help here if anyone knows who to separate the mailing users and can i have more then one at the end of the command line please tell me :::This is just an example:::
/etc/hosts.deny:
tftpd: ALL: (/some/where/safe_finger -l @%h | \
... (2 Replies)
Discussion started by: beo
2 Replies
2. UNIX for Dummies Questions & Answers
Hi!
Im trying to use host.allow & host.deny to resrtic access to my sun machine, but it doesnt seem to work... I want to allow full access from certain IP´s (ssh,http,ftp,etc...) but deny all kind of conections from outsideworld, the way that im doing that is:
hosts.allow
ALL:127.0.0.1... (2 Replies)
Discussion started by: Sorrento
2 Replies
3. UNIX for Dummies Questions & Answers
Hello everyone,
This is my first posts and I did search for a questions but did not find a question that answered my question unless of course I overlooked it.
I'm running Solaris 8. I use ssh for the users but I have a user called "chatterbox" that uses telnet but I need for chatterbox to... (1 Reply)
Discussion started by: huddlestonsnk
1 Replies
4. Shell Programming and Scripting
Hi there
I have a requirement where i have to globally remove a hosts file entry from all boxes e.g.
10.01.10.1 my_server1
normally for 'in-line' editing of files without passing it out to another fle and copying it back etc which is messy, Ive been using the fantastic "perl -pi... (1 Reply)
Discussion started by: hcclnoodles
1 Replies
5. Red Hat
Hello all,
I´m on Red Hat Enterprise Server 4.5
I´m wondering if it is possible to disable the need to add every IP machine entry in the file /etc/hosts to allow it to connect to Red hat?
I´m getting "where are you?" message. This is solved adding the machine ip where I´m working.
Thanks in... (1 Reply)
Discussion started by: mig28mx
1 Replies
6. Red Hat
Hi..,
I am using redhat5 server, i want to know the details about to block ssh via /etc/hosts.deny. Need help immediately (1 Reply)
Discussion started by: thakshina
1 Replies
7. IP Networking
Hi all,
I have an entry in my hosts file on a server called tractor as follows:
10.67.34.128 digger-m2m digger
I have a DNS server configured but it doesn't seem to know about digger. When I do an nslookup on tractor for digger i get the following:
new_dns1.oam.uk can't find digger: Non... (0 Replies)
Discussion started by: Donkey25
0 Replies
8. AIX
hi all
just installed the netsec.options.tcpwrapper from expansion pack, which used to be a rpm, for my aix 6.1 test box.
it is so unpredictable. i set up the hosts.deny as suggested for all and allow the sshd for specific ip addresses/hostnames.
the tcpdchk says the hosts allowed and... (0 Replies)
Discussion started by: wf201626
0 Replies
9. Shell Programming and Scripting
Hi Gurus,
I am trying to connect to remote host from current host to check crontab entries. I have started like this
ssh -n -l db2psp 205.191.156.17 ". ~/.profile >/dev/null 2>/dev/null; cd log ;ls | wc -l"
I got this error ?
ssh: connect to host 205.191.156.17 port 22:... (1 Reply)
Discussion started by: rocking77
1 Replies
10. UNIX for Dummies Questions & Answers
Hi there,
For /etc/hosts.deny was it used to deny access from the internet? (2 Replies)
Discussion started by: alvinoo
2 Replies
LEARN ABOUT FREEBSD
ssh-keysign
SSH-KEYSIGN(8) BSD System Manager's Manual SSH-KEYSIGN(8)
NAME
ssh-keysign -- ssh helper program for host-based authentication
SYNOPSIS
ssh-keysign
DESCRIPTION
ssh-keysign is used by ssh(1) to access the local host keys and generate the digital signature required during host-based authentication with
SSH protocol version 2.
ssh-keysign is disabled by default and can only be enabled in the global client configuration file /etc/ssh/ssh_config by setting
EnableSSHKeysign to ``yes''.
ssh-keysign is not intended to be invoked by the user, but from ssh(1). See ssh(1) and sshd(8) for more information about host-based authen-
tication.
FILES
/etc/ssh/ssh_config
Controls whether ssh-keysign is enabled.
/etc/ssh/ssh_host_dsa_key
/etc/ssh/ssh_host_ecdsa_key
/etc/ssh/ssh_host_ed25519_key
/etc/ssh/ssh_host_rsa_key
These files contain the private parts of the host keys used to generate the digital signature. They should be owned by root, read-
able only by root, and not accessible to others. Since they are readable only by root, ssh-keysign must be set-uid root if host-
based authentication is used.
/etc/ssh/ssh_host_dsa_key-cert.pub
/etc/ssh/ssh_host_ecdsa_key-cert.pub
/etc/ssh/ssh_host_ed25519_key-cert.pub
/etc/ssh/ssh_host_rsa_key-cert.pub
If these files exist they are assumed to contain public certificate information corresponding with the private keys above.
SEE ALSO
ssh(1), ssh-keygen(1), ssh_config(5), sshd(8)
HISTORY
ssh-keysign first appeared in OpenBSD 3.2.
AUTHORS
Markus Friedl <markus@openbsd.org>
BSD
December 7, 2013 BSD