[prev in list] [next in list] [prev in thread] [next in thread]
List: debian-devel
Subject: Re: Debian openssh option review: considering splitting out GSS-API key exchange
From: Marc Haber <mh+debian-devel () zugschlus ! de>
Date: 2024-04-04 17:08:02
Message-ID: E1rsQZG-000000008rD-2ISK () swivel
[Download RAW message or body]
On Thu, 4 Apr 2024 13:25:04 +0200, Stephan Seitz
<stse+debian@rootsland.net> wrote:
>Am Di, Apr 02, 2024 at 13:30:43 +0200 schrieb Marc Haber:
>>from being vulnerable to the current xz-based attack. Just having to
>>dump an ALL: ALL into /etc/hosts.deny is vastly easier than having to
>>maintain a packet filter.
>
>Stupid question, but if you put „ALL: ALL" into hosts.deny, couldn't you
>stop the ssh daemon instead? ALL: ALL will block your ssh access, so it
>doesn't matter if the daemon is running or not.
Of course there are sshd: lines in hosts.allow for "my" networks.
Greetings
Marc
--
----------------------------------------------------------------------------
Marc Haber | " Questions are the | Mailadresse im Header
Rhein-Neckar, DE | Beginning of Wisdom " |
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 6224 1600402
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic