Does OpenSSH have tcp_wrappers *built-in* or just compatibili ty?

Austin Gonyou austin at coremetrics.com
Fri May 3 23:01:50 EST 2002


On solaris 8, that would probably be something we could do. We're
looking into how we can limit specific users from being able to ssh out
of a box, and someone mentioned tcp_wrappers being built into OpenSSH. 

We'll check it out and see. Any ideas around limiting users from sshing
out btw? :) TIA

On Fri, 2002-05-03 at 07:28, Peter Watkins wrote:
> On Fri, May 03, 2002 at 06:59:59AM -0500, Austin Gonyou wrote:
> 
> > I was under the impression it was just compatibility, and not actually
> > built-in, but I thought I'd ask here and just make sure of what I'm
> > saying. :) TIA.
> 
> OpenSSH and tcp_wrappers are separate software packages. OpenSSH can be
> built against the tcp_wrappers library (if tcp_wrappers is available on
> your system) so that the resulting binaries support tcp_wrappers' access
> control mechanisms. Normally tcp_wrappers is compiled as an archive,
> libwrap.a, so that if OpenSSH is compiled with tcp_wrappers support,
> tcp_wrappers is literally built-in (using Wietse Venema's code) to the
> resulting binaries, though some systems provide tcp_wrappers as a shared
> object and use standard dynamic linking mechanisms to add tcp_wrappers
> functionality to their applications.
> 
> Wietse, if you're here, I'd love to hear what you think about libwrap.a
> vs 
> libwrap.so. :-)
> 
> -- 
> Peter Watkins - peterw at tux.org - peterw at usa.net -
> http://www.tux.org/~peterw/ 
> Private personal mail: use PGP key F4F397A8; more sensitive data? Use
> 2D123692
> _______________________________________________
> openssh-unix-dev at mindrot.org mailing list
> http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
-- 
Austin Gonyou
Systems Architect, CCNA
Coremetrics, Inc.
Phone: 512-698-7250
email: austin at coremetrics.com

"It is the part of a good shepherd to shear his flock, not to skin it."
Latin Proverb
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: This is a digitally signed message part
Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20020503/cbc4d073/attachment.bin 


More information about the openssh-unix-dev mailing list