Re-install libwrap in OpenSSH
Michael Stone
mstone at mathom.us
Thu May 21 01:05:34 AEST 2015
On Wed, May 20, 2015 at 03:58:22PM +0200, Stephan von Krawczynski wrote:
>Show me this as an example of your firewall skills and replace this
>hosts.allow entry:
>
>sshd: .... : spawn (echo -e "%u@%h[%a] on `/bin/date`" to %d connected me |
>/bin/mail -s "hosts.allow entry XYZ" root) & : ALLOW
>
>
>This is only an example code, of course.
It's an example of something really horrible. It might have seemed like
a good idea in the 90s, but in a modern system that sort of alerting
should be integrated into log monitoring (and should be much more
comprehensive than a couple of services linked against wrappers).
I think you're confirming the decision to remove wrapper support rather
than demonstrating that it was a mistake.
Mike Stone
More information about the openssh-unix-dev
mailing list