You are not logged in.
- Topics: Active | Unanswered
#1 2008-08-29 12:34:55
- T0MAS
- Member
- Registered: 2007-02-22
- Posts: 12
tcp wrappers spawn/twist for hosts.{allow|deny} question
Hi,
I'm trying to setup my hosts.allow, hosts,deny with tcp wrappers spawn.
Here's my hosts.deny;
ALL: ALL \
: spawn /bin/echo `/bin/date` access denied>>/var/log/hosts.deny.log \
: deny
when I ssh to box, access is denied;
/var/log/auth.log Aug 29 19:46:22 arch sshd[3258]: refused connect from 10.106.155.19
on the client side this looks like this;
ssh_exchange_identification: Connection closed by remote host
/var/log/hosts.deny.log is created, but it's empty, I was expecting an entry in /var/log/hosts.deny.log like this;
Fri Aug 29 13:30:47 BST 2008 access denied
Also is there any way of changing ssh_exchange_identification: Connection closed by remote host for the client i.e. unauthorized connection this has been logged?
Can somebody tell me if I'm doing something wrong?
Thanks everyone for the help!
Last edited by T0MAS (2008-08-29 14:33:48)
Offline
#2 2008-08-29 13:40:04
- Ramses de Norre
- Member
- From: Leuven - Belgium
- Registered: 2007-03-27
- Posts: 1,289
Re: tcp wrappers spawn/twist for hosts.{allow|deny} question
man 5 hosts_optionsLook at "twist" and "severity".
Offline
#3 2008-08-29 14:32:39
- T0MAS
- Member
- Registered: 2007-02-22
- Posts: 12
Re: tcp wrappers spawn/twist for hosts.{allow|deny} question
Look at "twist" and "severity".
Thanks for your suggestion, I have changed my hosts.deny according to manual
SSHD \
: ALL \
: spawn /bin/echo logging access deny >>/var/log/hosts.deny.log \
: twist /bin/echo access deny message to the client \
: DENYStill getting same message on the client and an empty /var/log/hosts.deny.log
Thanks for your help!:D
Offline
#4 2008-08-29 15:01:27
- Ramses de Norre
- Member
- From: Leuven - Belgium
- Registered: 2007-03-27
- Posts: 1,289
Re: tcp wrappers spawn/twist for hosts.{allow|deny} question
From the manual:
twist shell_command
<...> This option must appear at the end of a rule. <...>
Last edited by Ramses de Norre (2008-08-29 15:01:59)
Offline
#5 2008-08-29 15:15:54
- T0MAS
- Member
- Registered: 2007-02-22
- Posts: 12
Re: tcp wrappers spawn/twist for hosts.{allow|deny} question
From the manual:
twist shell_command
<...> This option must appear at the end of a rule. <...>
Thanks for pointing out above and sorry about that 
... I have changed my hosts.deny file so it looks like this;
SSHD \
: ALL \
: spawn /bin/echo logging access deny >>/var/log/hosts.deny.log \
: DENY \
: twist /bin/echo access deny message to the clientI'm still having the same, no message is sent to client (twist) and nothing is logged (spawn)
Last edited by T0MAS (2008-08-29 15:16:36)
Offline
#6 2008-08-30 10:40:03
- Ramses de Norre
- Member
- From: Leuven - Belgium
- Registered: 2007-03-27
- Posts: 1,289
Re: tcp wrappers spawn/twist for hosts.{allow|deny} question
I'm sorry, I'm out of ideas... Maybe someone else can help you further..
Offline