On Wed, Nov 01, 2006 at 05:00:16PM -0500, Rob Munsch wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Justin Pryzby wrote: > > > You do realize that /etc/hosts.allow is checked before hosts.deny? > > yes, that's why i added my office's IP to hosts.allow before setting up > denyhosts; otherwise nasty, nasty things would happen the first time > someone screwed up their password 5 times :D > > that shouldn't allow localhost to ssh when there's a > sshd: 127.0.0.1 > in hosts.deny, however. If localhost is in hosts.allow, then tcpd will never deny it access, even if it is in hosts.deny.
If removal of hosts.allow causes access to be denied (don't do this remotely), then stuff is working as it should. Justin -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
