LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 04-07-2018, 02:20 PM   #16
teoberi
Member
 
Registered: Jan 2018
Location: Romania
Distribution: Slackware64-current (servers)/Ubuntu (workstations)
Posts: 283

Original Poster
Rep: Reputation: 166Reputation: 166

Quote:
Originally Posted by allend View Post
Yeah - I have been in two minds about that one as well. iptables maybe a single point of failure, but it is also a single point of maintenance. On balance, I prefer to go with iptables only.
Yeah, iptables only will become nftables only?
The question is should now start learning nftables?
I have improved the iptables-based firewall over the last few years and now I get it from the beginning?
 
Old 09-16-2019, 09:46 AM   #17
klmyhd
LQ Newbie
 
Registered: Sep 2019
Posts: 2

Rep: Reputation: Disabled
Releasenotes at openssh.com, from version 6.7, does not support "tcpwrappers/libwrap"
Changes since OpenSSH 6.6
=========================

Potentially-incompatible changes

* sshd(8): The default set of ciphers and MACs has been altered to
remove unsafe algorithms. In particular, CBC ciphers and arcfour*
are disabled by default.

The full set of algorithms remains available if configured
explicitly via the Ciphers and MACs sshd_config options.

* sshd(8): Support for tcpwrappers/libwrap has been removed.

* OpenSSH 6.5 and 6.6 have a bug that causes ~0.2% of connections
using the curve25519-sha256@libssh.org KEX exchange method to fail
when connecting with something that implements the specification
correctly. OpenSSH 6.7 disables this KEX method when speaking to
one of the affected versions.
 
Old 09-16-2019, 09:49 AM   #18
klmyhd
LQ Newbie
 
Registered: Sep 2019
Posts: 2

Rep: Reputation: Disabled
Quote:
Originally Posted by teoberi View Post
From Current (pre-release) ChangeLog for x86_64

If I want to check the TCP Wrappers support for SSHD with the command:
Code:
ldd /usr/sbin/sshd | grep libwrap
there is no result returned!
If I run
Code:
ldd /usr/sbin/sshd
result is

They are already installed:
openssh-7.7p1-x86_64-2
tcp_wrappers-7.6-x86_64-1
but libwrap.so.0 is missing.
Releasenotes at openssh.com, from version 6.7, does not support "tcpwrappers/libwrap"
 
Old 09-17-2019, 04:50 PM   #19
volkerdi
Slackware Maintainer
 
Registered: Dec 2002
Location: Minnesota
Distribution: Slackware! :-)
Posts: 1,967

Rep: Reputation: 6441Reputation: 6441Reputation: 6441Reputation: 6441Reputation: 6441Reputation: 6441Reputation: 6441Reputation: 6441Reputation: 6441Reputation: 6441Reputation: 6441
Quote:
Originally Posted by klmyhd View Post
Releasenotes at openssh.com, from version 6.7, does not support "tcpwrappers/libwrap"
Welcome to LQ

We have never included a shared TCP wrappers library, so poking at binaries with ldd isn't going to offer any useful information. But if you actually try using the feature you'll find that our openssh package does support TCP wrappers.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Linux TCP Wrappers & Which Services can be secured via TCP Wrappers LXer Syndicated Linux News 0 12-16-2013 09:01 AM
Are TCP Wrappers still used dazdaz Linux - Software 3 06-14-2012 12:07 AM
How to install OpenSSH on CentOS with tcp wrappers support Brandon.Wamboldt Linux - Server 4 05-05-2009 10:20 PM
Tcp wrappers sysconfig Linux - Security 4 09-08-2006 08:20 AM
TCP Wrappers ltrain Linux - Security 6 05-31-2001 10:40 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 12:48 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration