Operating System - HP-UX
Keri Franklin
New Member

using inetd and openssh

Is there any way to use inetd to limit access via openssh?
ramesh_6
Frequent Advisor

Re: using inetd and openssh

Hi

Yes, absolutely.

Add an entry in inetd.conf for sshd similar to the lines of telnet.

# -i tells sshd that it is being run from inetd
ssh stream tcp nowait root /usr/local/bin/sshd sshd -i

Then anyone connecting to SSH will be going through inetd, and sshd will be started by inetd on demand, which will also reduce the overhead on the server. If you don't want to use telnet after enabling sshd via inetd, disable the same.
Ravi_8
Honored Contributor

Re: using inetd and openssh

Hi,

I don't think ssh will use tcp; if so, its entry should have been in the services file.
never give up
Mark Grant
Honored Contributor

Re: using inetd and openssh

Personally I think putting things in inetd tends to increase the overhead and slows down response times.

However, you can do this if you want.
Never precede any demonstration with anything more predictive than "watch this"
Jeff Schussele
Honored Contributor

Re: using inetd and openssh

Hi Keri,

AFAIK ssh can use tcp-wrappers to limit access - specifically the /etc/hosts.deny & /etc/hosts.allow files.
This method does not require inetd.conf or inetd.sec to be used.

HTH,
Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
Ralph Grothe
Honored Contributor

Re: using inetd and openssh

I'd also agree with Mark's statement that usually the overhead is bigger when a well designed server such as sshd is started through inetd, rather than run as a standalone server (which is the usual way for SSH).
As I understand, your motivation for sshd being started by inetd is to have some sort of TCP wrapper.
I think you don't need this since the sshd can take care of this by itself.
Read the manpage of sshd(8), and especially the config file section therein.
Maybe what you want can be achieved through the "AllowUsers" directive in sshd_config.
Madness, thy name is system administration
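
The approach from the last two replies, written out as an added example (not part of any post in this thread): TCP-wrapper rules for sshd plus an AllowUsers line. The addresses and account names are constructed, and the hosts.allow / hosts.deny part assumes an sshd that was built with TCP-wrapper (libwrap) support.

```conf
# --- /etc/hosts.allow ---
# Consulted first: a matching line grants access and the search stops.
# "sshd" is the daemon process name; a trailing dot matches an address prefix.
# 192.0.2.x admin network (constructed)
sshd: 192.0.2.
# single jump host (constructed)
sshd: 198.51.100.25

# --- /etc/hosts.deny ---
# Consulted only when hosts.allow had no match. Without this line every
# other client is still allowed, because no match in either file means "grant".
sshd: ALL

# --- sshd_config ---
# Per-user restriction enforced by sshd itself; needs no wrapper library.
# Once AllowUsers is set, only the listed users can log in.
# USER@HOST additionally ties a user to a source address pattern.
# "keri" and "backup" are constructed account names.
AllowUsers keri@192.0.2.* backup@198.51.100.25
```

Running tcpdmatch with the daemon name and a client address (for example, tcpdmatch sshd 192.0.2.10) predicts which wrapper rule that client would hit. The hosts files are read on each connection, while sshd has to be restarted or sent SIGHUP before a changed sshd_config takes effect.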