TCP Wrappers & OpenSSH

For discussions about security.
Post Reply
Message
Author
s243a
Posts: 2580
Joined: Tue 02 Sep 2014, 04:48
Contact:

TCP Wrappers & OpenSSH

#1 Post by s243a »

I'm just putting down some config info about OpenSSH here before I forget.

When I previously installed OpenSSH I don't remember having to do any configuration with "TCP Wrappers". However, this time I got the error message in:
/var/log/auth.log

Code: Select all

debug1: Connection refused by tcp wrapper
Note to get this debug information one must add to
/etc/ssh/sshd_config

Code: Select all

LogLevel DEBUG3
and to make sure that openssh can find these settings set in
/etc/default/ssh

Code: Select all

SSHD_OPTS='-f /etc/ssh/sshd_config -E /var/log/auth.log'
then start ssh by navigating to "/etc/init.d"
and typing either

Code: Select all

./ssh 'start'
or if you want to debug startup

Code: Select all

sh -xv ssh 'start'
Now to fix the above error edit
/etc/hosts.allow

Code: Select all

ALL: LOCAL
ALL: 192.168.1.X #Edit this to the ip address of the ssh client

Notice the blank line at the end of the file. Without this blank line the last line will return an error and it won't work.

You also might need to start both your Internet connection and your ssh server for this change to take effect.

Here is some further reading on TCP wrappers:
https://www.centos.org/docs/5/html/Depl ... ppers.html

Anyway, that is enough for tonight more to follow.

Edit: P.S. one also needs to do this:

Code: Select all

/usr/bin/ssh-keygen -A
https://bbs.archlinux.org/viewtopic.php?id=165382

Post Reply