Your browser does not support HTML5 local storage or you have disabled it. Some functionality on this site, including saving your privacy settings and offering you special discounts, uses local storage and may not work with local storage disabled. We recommend allowing the use of local storage in your browser. In some browsers, it is the same setting used for disabling cookies.
To enable usage of TCP wrappers with SSH Tectia Server, perform the following operations:
If SSH Tectia Server was previously installed from binaries, you may want to uninstall it before continuing.
Compile the source code:
$ ./configure --with-libwrap
Then, run the following with root privileges:
# make install
Note: If configure does not find libwrap.a, do the following:
Run configure again:
$ make distclean
$ ./configure --with-libwrap=/path_to_libwrap.a/
Note: It is only necessary to specify the path to libwrap.a if the library and the include files are located in a non-standard directory, i.e. if the library has been compiled to a local directory, or has been installed somewhere else than the default location.
Create or edit the /etc/hosts.allow and /etc/hosts.deny files. When a user tries to connect to the SSH Tectia Server, the TCP wrapper daemon (tcpd) reads the /etc/hosts.allow file for a rule that matches the client's hostname or IP. If /etc/hosts.allow does not contain a rule allowing access, tcpd reads /etc/hosts.deny for a rule that would deny access. If neither of the files contains an accept or deny rule, access is granted by default. The syntax for the /etc/hosts.allow and /etc/hosts.deny files is as follows:
daemon : client_hostname_or_IP
The typical setup is to deny access to everyone listed in the /etc/hosts.deny file. (This example shows both ssh1 and ssh2.)
sshdfwd-X11 : ALL
And then allow access only to trusted clients in the /etc/hosts.allow file: