Maybe it's time to get rid of tcpwrappers/tcpd?
Reindl Harald
h.reindl at thelounge.net
Fri Mar 28 14:19:13 UTC 2014
Am 28.03.2014 14:48, schrieb Petr Lautrbach:
> On 03/28/2014 02:44 PM, Reindl Harald wrote:
>>> - every change in sshd_config has to be confirmed by sshd restart, while changing hosts.deny doesn't need
>>> any other action
>>
>> no - try it out!
>>
>> make a fatal syntax error in "sshd_config" and in case of a
>> remote machine make sure you don't close the last connection
>> because you will not reach the machine again otherwise
>
> [14:46:53 root at malas ~ ]# /usr/sbin/sshd -T
> /etc/ssh/sshd_config: line 157: Bad configuration option: blbla
> /etc/ssh/sshd_config line 157: Directive 'blbla' is not allowed within a Match block
> [14:46:55 root at malas ~ ]# ssh localhost
> Fedora release 21 (Rawhide)
> root at localhost's password:
not sure which options are connection specific but there
are for sure ones which do not need a restart and get
effective for every new connection, i have not the time
to seek and reproduce that but it's a fact from real
work expierience
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 246 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20140328/1d7c57ea/attachment.sig>
More information about the devel
mailing list