Using openssh 3.1p1 on Solaris with tcp wrappers 7.6

Ben Lindstrom mouring at etoh.eviladmin.org
Thu May 2 06:08:01 EST 2002


What is wrong with the native 'Banner' option within OpenSSH?  V2
protocol allows a banner to be presented.

- Ben

On Wed, 1 May 2002, R. P. Channing Rodgers, M.D. wrote:

>
> Dear Open SSH and TCP Wrappers Colleagues,
>
> We are trying to use open ssh 3.1p1 on SPARC platforms
> under Solaris 2.8 using gcc 2.95.2, in conjunction with
> tcp wrappers 7.6 (IPv6 version).  The wrapping of open ssh
> is not too well documented but I think we have figured
> most of this out (hearty thanks to Wietse Venema, Jim
> Mintha & Niels Provos for their helpful email exchanges) --
> but have one final question.  Tcp wrappers can send out
> banner messages in response to various network service
> requests.  The Banners.makefile that is used to create
> the various banner files from a prototype (inserting any
> special content that a particular service protocol such
> as ftp might require) does contain this comment:
>
>    # Other services: banners may interfere with normal operation
>    # so they should probably be used only when refusing service.
>    # In particular, banners don't work with standard rsh daemons.
>    # You would have to use an rshd that has built-in tcp wrapper
>    # support, for example the rshd that is part of the logdaemon
>    # utilities.
>
> And there is no target to create a sshd banner.  Is there
> a mechanism in open ssh, when using tcp wrappers, to
> support a banner?  Thanks in advance for any helpful
> insights.
>
> We would be happy to share our installation instructions
> for both systems and welcome comments about the most
> efficient way in which we might do so.
>
> Cheerio, Rick Rodgers
> _______________________________________________
> openssh-unix-dev at mindrot.org mailing list
> http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
>




More information about the openssh-unix-dev mailing list