Re-install libwrap in OpenSSH

Michael Stone mstone at
Thu May 21 01:05:34 AEST 2015

On Wed, May 20, 2015 at 03:58:22PM +0200, Stephan von Krawczynski wrote:
>Show me this as an example of your firewall skills and replace this
>hosts.allow entry:
>sshd: .... : spawn (echo -e "%u@%h[%a] on `/bin/date`" to %d connected me |
>/bin/mail -s "hosts.allow entry XYZ" root) & : ALLOW
>This is only an example code, of course.

It's an example of something really horrible. It might have seemed like 
a good idea in the 90s, but in a modern system that sort of alerting 
should be integrated into log monitoring (and should be much more 
comprehensive than a couple of services linked against wrappers).

I think you're confirming the decision to remove wrapper support rather 
than demonstrating that it was a mistake.

Mike Stone

More information about the openssh-unix-dev mailing list