Re: Early heads-up: plan to remove local patches for TCP Wrappers support in sshd

From: Ed Maste <emaste_at_freebsd.org>
Date: Fri, 14 Feb 2020 16:16:53 -0500
On Fri, 14 Feb 2020 at 15:27, Joey Kelly <joey_at_joeykelly.net> wrote:
>
> On Friday, February 14, 2020 01:18:44 PM Ed Maste wrote:
> > Upstream OpenSSH-portable removed libwrap support in version 6.7,
> > released in October 2014. We've maintained a patch in our tree to
> > restore it, but it causes friction on each OpenSSH update and may
> > introduce security vulnerabilities not present upstream. It's (past)
> > time to remove it.
>
> So color me ignorant, but how does this affect things like DenyHosts?

It's independent of denyhosts, fail2ban, blacklistd and similar. TCP
wrappers is configured using /etc/hosts.allow and /etc/hosts.deny.
Received on Fri Feb 14 2020 - 20:17:06 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:23 UTC