hosts.allow

rainlinux · 10-04-2010, 10:38 PM

Hi all,

After I type sshd: 192.168.1.11 : allow and

sshd : ALL : Deny

I can't access hosts.allow or deny any more.

It says "Permission denied"

Before I typed that, I can access hosts.allow and deny.

What to do now? Please help... Thanks a lot.

By the way, I was wondering what command to edit hosts.allow.

For example, I want to put sshd: xxx.xxx.xxx.xxx : allow in that file.

Again, thanks....

vishesh · 10-04-2010, 10:45 PM

Quote:

Originally Posted by rainlinux

Hi all,

By the way, I was wondering what command to edit hosts.allow.

For example, I want to put sshd: xxx.xxx.xxx.xxx : allow in that file.

Again, thanks....

Although your question is not very clear, i conclude that You want to edit hosts.allow and hosts.deny file
You can use any editor like vi, nano etc to edit hosts.allow or hosts.deny file.
root# vi /etc/hosts.allow
..

Thanks

bret381 · 10-04-2010, 11:09 PM

Quote:

Originally Posted by rainlinux

Hi all,

It says "Permission denied"

run as root to edit or use sudo to edit.

rainlinux · 10-04-2010, 11:09 PM

Thanks Vishesh,

Actually, I have two questions.

1. I can't access the hosts.allow anymore (the reason I memtioned above), how to fix it?

2. Although I can't edit(access) hosts.allow for now, I still want to know the command to edit the file. (Thank you for your answer for this question)

bret381 · 10-04-2010, 11:10 PM

sudo nano hosts.allow

John VV · 10-04-2010, 11:51 PM

so you are on a remot terminal and used ssh . Then told the host.allow file to have "all deny "added to it

1)so you told the remote system to deny ALL connections
2) or at least ALL connections from YOUR ip address "192.168.1.11"

if "2"

use a different computer on a different network to login and undo what you did

if "1" you need to be sitting in front of the computer ,to fix.

rainlinux · 10-05-2010, 01:09 AM

Thanks all,

John VV,

I was just wondering how to undo what I did.

My purpose is deny all ssh connections, except 192.168.1.11

Thank you

prayag_pjs · 10-05-2010, 01:20 AM

In hosts.deny:

Quote:

SSHD: ALL

In hosts.allow:

Quote:

SSHD: 192.168.1.11

Implicit deny all and allow one

rainlinux · 10-05-2010, 08:35 PM

Hi all,

I already put SSHD: ALL in hosts.deny and SSHD: 192.168.1.11 in hosts.allow

But my redhat still allow me remote login.(I did this with another pc)

I even disabled ssh service through usr/sbin/setup > system services > unselect sshd

I can still login through ssh.

Please help, Thank you so much.

ps: I did above steps NOT using pc with 192.168.1.11

joec@home · 10-05-2010, 10:16 PM

From my notes, has a few additional ssh security functions as well.

/etc/hosts.allow
sshd: xxx.xxx.xxx.xxx/255.255.255.0 #Network Adress
sshd: xxx.xxx.xxx.xxx #Single IP Address

/etc/hosts.deny
sshd: ALL
sshd1: ALL
sshd2: ALL
sshdfwd-X11: ALL

raviteja_s · 10-05-2010, 11:19 PM

Try these steps:

vim /etc/hosts.deny

sshd: ALL EXCEPT 192.168.1.11

Wim Sturkenboom · 10-05-2010, 11:49 PM

My hosts.deny:

Code:

ALL: ALL
# End of hosts.deny.

Everything is blocked

My hosts.allow

Code:

ALL: 127.0.0.1
#telnet replaced by ssh (2006-05-23 by WimS)
#in.telnetd: 172.31.212.19
vsftpd: 172.31.212.148
sshd: 172.31.212.148
# End of hosts.allow.

All localhost to access all services
vsftpd and sshd from one machine only

Wonder if the contents of the file is not case-sensitive ?

rainlinux · 10-06-2010, 01:11 AM

Thanks you guys

The weird thing is I even disabled the sshd service as I said above ( usr/sbin/setup > system services > unselect sshd)

Why I can still apply remote control through "putty" (ssh)?

Thank you

Wim Sturkenboom · 10-06-2010, 01:42 AM

I don't know how sshd is started on your system. Might be that the disabling (as you did) only takes effect at boot and that you still have to stop the ssh daemon manually.

I might have missed it, but which distro are you using?

rainlinux · 10-06-2010, 01:57 AM

Thanks Wim Sturkenboom

I'm using Redhat 7.0