RE: Trying to run sshd as inetd - tcpdchk reports errors

Jonas:

        I thought I got the instructions from one of the README's or
INSTALL's
        in openssh, but maybe not. Maybe it was from the o'reilly ssh book.
        Anyway here are the directions I used.

to run via inetd ----

add to /etc/services

ssh 22/tcp

add to /etc/inetd.conf

ssh stream tcp nowait root /usr/local/sbin/sshd sshd
-i

refresh, restart or whatever you call it the inetd.

        Of course /usr/local/sbin/sshd should be changed to the location
        of your sshd.

cheers!

> -----Original Message-----
> From: Jonas Widarsson [mailto:jonaswidarsson@hotmail.com]
> Sent: Friday, May 16, 2003 8:44 AM
> To: ssh-l@erdelynet.com
> Subject: Trying to run sshd as inetd - tcpdchk reports errors
>
>
> I have spent all day searching the web for a reason why the following
> problem occurs. I follow tutorials, read documentation using
> the 'man'
> command and it seems to me that I do it the correct way.
>
> I use Debian Linux 3.0 r1 on a AMD-K6 machine.
>
> Take a look at my configuration here:
>
> root@debian:# cat /etc/hosts.allow
> # /etc/hosts.allow: list of hosts that are allowed to access
> the system.
> # See the manual pages hosts_access(5),
> hosts_options(5)
> # and /usr/doc/netbase/portmapper.txt.gz
> #
>
> ssh: ALL
>
> #End of /etc/hosts.allow
>
> root@debian:# cat /etc/hosts.deny
> # /etc/hosts.deny: list of hosts that are _not_ allowed to access the
> system.
> # See the manual pages hosts_access(5),
> hosts_options(5)
> # and /usr/doc/netbase/portmapper.txt.gz
>
> ALL: ALL
>
> #End of /etc/hosts.deny
>
> root@debian:# grep ssh /etc/hosts* /etc/services /etc/inetd.conf
> /etc/hosts.allow:ssh: ALL
> /etc/services:ssh 22/tcp
> # SSH Remote
> Login Protocol
> /etc/services:#ssh 22/udp
> # SSH Remote
> Login Protocol
> /etc/inetd.conf:ssh stream tcp nowait root
> /usr/sbin/tcpd /usr/sbin/sshd -i
>
> I test it with:
>
> root@debian:# tcpdchk
> warning: /etc/hosts.allow, line 15: ssh: no such process name in
> /etc/inetd.conf
>
> Restart inetd:
>
> root@debian:# /etc/init.d/inetd restart
> Restarting internet superserver: inetd.
>
> That works well (PID of inetd changed). But /etc/init.d/inetd
> reload does
> not seem to cause a new PID of inetd.
>
> root@debian:# tcpdchk
> warning: /etc/hosts.allow, line 15: ssh: no such process name in
> /etc/inetd.conf
>
> Problem still there.
>
> People disencourage running sshd under inetd. I'm doing it
> because I am
> learning about how /etc/hosts.allow and ...deny works. I am
> setting up an
> email + apache + mysql + cvs server with secured encrypted
> connections
> everywhere.
>
> I send mail via exim-tls
> I pop mail via SSL
> I remote shell via ssh
> I browse via https
> mysql is only accessible via localhost, and when I do
> phpMyAdmin, I use
> https.
>
> I am now trying to deny certain services using /etc/hosts.allow and
> /etc/hosts.deny
> The first thing I want to control is whether ssh can be accessed from
> outside.
> Then I want to deny connections to services that I don't need
> from outside.
>
> I'm stuck at that error message:
>
> root@debian:# tcpdchk
> warning: /etc/hosts.allow, line 15: ssh: no such process name in
> /etc/inetd.conf
>
> I guess I'm unaware of something since I am a 3-day newbie on inetd...
>
> _________________________________________________________________
> Hitta rätt på nätet med MSN Sök http://search.msn.se/
>
> --
> List Information: http://tech.erdelynet.com/mailman/listinfo/ssh-l/
> List Archives: http://erdelynet.com/archive/ssh-l/
> To Unsubscribe: Go to
http://tech.erdelynet.com/mailman/listinfo/ssh-l/ and enter your email
address at the bottom to "Edit Options". If you don't know your password,
have it emailed to you. Then unsubscribe.

--
List Information: http://tech.erdelynet.com/mailman/listinfo/ssh-l/
List Archives:    http://erdelynet.com/archive/ssh-l/
To Unsubscribe: Go to http://tech.erdelynet.com/mailman/listinfo/ssh-l/ and enter your email address at the bottom to "Edit Options". If you don't know your password, have it emailed to you. Then unsubscribe.