10-25-2011
/etc/hosts.allow on Solaris 10
I added some entries in the /etc/hosts.allow on a Solaris 10 system.
Do I need to bounce inetd?
I have read some accounts where any changes made to the /etc/hosts.allow will be taken in automatically.
And other accounts where you need to run:
svcadm refresh inetd
My /etc/hosts.allow file was already in place; I am not creating it for the first time. I am just adding in some additional .ftpd entries.
Thanks
David
10 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
I have two Solaris 8 hosts that send data to one another throughout the day. It is a legacy system and the programs used are rdist, rcp and ftp. I have been asked to ensure that the data transferred is encrypted beween the two hosts.
My first thought was to replace these commands with ssh.... (2 Replies)
Discussion started by: blp001
2 Replies
2. UNIX for Dummies Questions & Answers
Hi!
Im trying to use host.allow & host.deny to resrtic access to my sun machine, but it doesnt seem to work... I want to allow full access from certain IPīs (ssh,http,ftp,etc...) but deny all kind of conections from outsideworld, the way that im doing that is:
hosts.allow
ALL:127.0.0.1... (2 Replies)
Discussion started by: Sorrento
2 Replies
3. Shell Programming and Scripting
hey guys, i am on a box named pluto and i need to be able to log into another box named genesis. i need to be able to ssh into genesis as root and not get asked for the password. what file do i need to edit on genesis to make this happen? i searched for the .rhosts file it doesn't seem to exist.... (1 Reply)
Discussion started by: Terrible
1 Replies
4. UNIX for Dummies Questions & Answers
Hello everyone,
This is my first posts and I did search for a questions but did not find a question that answered my question unless of course I overlooked it.
I'm running Solaris 8. I use ssh for the users but I have a user called "chatterbox" that uses telnet but I need for chatterbox to... (1 Reply)
Discussion started by: huddlestonsnk
1 Replies
5. Solaris
I forgot how to configure multiple host servers on the my CDE windows in Solaris.
I'll appreciate any help
Thanks,
Remi (2 Replies)
Discussion started by: Remi
2 Replies
6. UNIX for Advanced & Expert Users
Hello Everyone,
I am working with Solaris 10 autofs feature. On the server (and client) in /etc/auto_master I have this entry:
/net -hosts -nosuid,nobrowse
On the server, I have shared out /var/tmp, started the nfs server and issued the shareall command. When I issue share I can... (1 Reply)
Discussion started by: anies rahman
1 Replies
7. Solaris
Dear Friend,
It is strange that my sendmail does not accord to the hosts order in solaris nsswitch.conf. Please let me elaborate in details. Thank you.
Setting:
solaris 9 /etc/nsswitch.conf
hosts: file ldap dns
sendmail 8.13.4 /etc/mail/sendmail.cf
O... (4 Replies)
Discussion started by: jackyyjwu
4 Replies
8. Solaris
Hi,
I am trying to find a Solaris 10 alternative to the HPUX inetd.sec functionality.
I want to grant access to one service for one IP address only.
# grep fme2eall /etc/services
fme2eall 35000/tcp
# svcs -a | grep fme2eall
online Mar_09 ... (2 Replies)
Discussion started by: ejdv
2 Replies
9. AIX
hi all
just installed the netsec.options.tcpwrapper from expansion pack, which used to be a rpm, for my aix 6.1 test box.
it is so unpredictable. i set up the hosts.deny as suggested for all and allow the sshd for specific ip addresses/hostnames.
the tcpdchk says the hosts allowed and... (0 Replies)
Discussion started by: wf201626
0 Replies
10. Solaris
Am trying to copy a tar file onto a series of remote hosts and untar it at the destination. Need to do this without having to do multiple ssh.
Actions to perform within a single ssh session via shell script
- copy a file
- untar at destination (remote host)
OS : Linux RHEL6 (3 Replies)
Discussion started by: sankasu
3 Replies
LEARN ABOUT OPENDARWIN
tcpdchk
TCPDCHK(8) System Manager's Manual TCPDCHK(8)
NAME
tcpdchk - tcp wrapper configuration checker
SYNOPSIS
tcpdchk [-a] [-d] [-i inet_conf] [-v]
DESCRIPTION
tcpdchk examines your tcp wrapper configuration and reports all potential and real problems it can find. The program examines the tcpd
access control files (by default, these are /etc/hosts.allow and /etc/hosts.deny), and compares the entries in these files against entries
in the inetd or tlid network configuration files.
tcpdchk reports problems such as non-existent pathnames; services that appear in tcpd access control rules, but are not controlled by tcpd;
services that should not be wrapped; non-existent host names or non-internet address forms; occurrences of host aliases instead of official
host names; hosts with a name/address conflict; inappropriate use of wildcard patterns; inappropriate use of NIS netgroups or references to
non-existent NIS netgroups; references to non-existent options; invalid arguments to options; and so on.
Where possible, tcpdchk provides a helpful suggestion to fix the problem.
OPTIONS
-a Report access control rules that permit access without an explicit ALLOW keyword. This applies only when the extended access control
language is enabled (build with -DPROCESS_OPTIONS).
-d Examine hosts.allow and hosts.deny files in the current directory instead of the default ones.
-i inet_conf
Specify this option when tcpdchk is unable to find your inetd.conf or tlid.conf network configuration file, or when you suspect that
the program uses the wrong one.
-v Display the contents of each access control rule. Daemon lists, client lists, shell commands and options are shown in a pretty-
printed format; this makes it easier for you to spot any discrepancies between what you want and what the program understands.
FILES
The default locations of the tcpd access control tables are:
/etc/hosts.allow
/etc/hosts.deny
SEE ALSO
tcpdmatch(8), explain what tcpd would do in specific cases.
hosts_access(5), format of the tcpd access control tables.
hosts_options(5), format of the language extensions.
inetd.conf(5), format of the inetd control file.
tlid.conf(5), format of the tlid control file.
AUTHORS
Wietse Venema (wietse@wzv.win.tue.nl),
Department of Mathematics and Computing Science,
Eindhoven University of Technology
Den Dolech 2, P.O. Box 513,
5600 MB Eindhoven, The Netherlands
TCPDCHK(8)