From owner-FreeBSD-users-jp@jp.freebsd.org  Thu Apr  5 15:58:24 2001
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id PAA91768;
	Thu, 5 Apr 2001 15:58:24 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from techno.sci.co.jp (techno.sci.co.jp [210.189.51.160])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with ESMTP id PAA91763
	for <FreeBSD-users-jp@jp.freebsd.org>; Thu, 5 Apr 2001 15:58:24 +0900 (JST)
	(envelope-from ryuon@sci.co.jp)
Received: (from ryuon@localhost)
	by techno.sci.co.jp (8.11.3/3.7W/TECHNO/00122211) id f356w8V63789;
	Thu, 5 Apr 2001 15:58:08 +0900 (JST)
	(envelope-from ryuon)
Message-Id: <200104050658.f356w8V63789@techno.sci.co.jp>
From: YOSHIMURA Takeshi <ryuon@ryuon.org>
X-Reply-To: ryuon@sci.co.jp
Organization: SystemCore Inc./SCI.CO.JP
Content-Type: text/plain; charset=ISO-2022-JP
Content-Transfer-Encoding: 7bit
To: FreeBSD-users-jp@jp.freebsd.org
In-Reply-To: Your message of "Thu, 05 Apr 2001 15:28:52 +0900".
	<20010405152852K.nkt@mail2.alpha-net.ne.jp>
References: <4.3.2-J.20010405104908.0303eac0@zenon.rite.or.jp>
	<85d7ar2ad0.fsf@meadow.scphys.kyoto-u.ac.jp>
	<20010405152852K.nkt@mail2.alpha-net.ne.jp>
Mime-Version: 1.0
X-Mailer: mnews [version 1.22PL5] 2001-02/07(Wed)
Date: Thu, 5 Apr 2001 15:58:08 +0900
Reply-To: FreeBSD-users-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+010328
X-Sequence: FreeBSD-users-jp 60592
Subject: [FreeBSD-users-jp 60592] Re: TCP_WRAPPER
	=?ISO-2022-JP?B?GyRCJEskRCQkJEYbKEI=?= 
Errors-To: owner-FreeBSD-users-jp@jp.freebsd.org
Sender: owner-FreeBSD-users-jp@jp.freebsd.org
X-Originator: ryuon@ryuon.org

$B$h$7$`$i(B@$B%7%9%F%`%3%"$G$9!#(B

<20010405152852K.nkt@mail2.alpha-net.ne.jp>$B$N%a%$%k$K$*$$$F(B
2001$BG/(B04$B7n(B05$BF|(B($BLZ(B)15$B;~(B28$BJ,(B52$BIC(B(JST)$B:"!"(Bnakata nobu$B$5$s$O=q$-$^$7$?!#(B
>man sshd (8) line 120.
>sshd is normally not run from inetd because it needs to generate the
>server key before it can respond to the client, and this may take tens
>of seconds.
>$B$H=q$$$F$"$k$N$K!"$J$s$G(B inetd $B$G5/F0$9$k$N!#(B


$B$9$$$^$;$s!#(B
$B;d$N%a%$%k$K!"@FF#!w(BRITE$B$5$s$r4V0c$C$?J}8~$X;}$C$F$$$C$?0l0x$,$"$j$^$9!#(B

$B@FF#!w(BRITE$B$5$s$N(B
<4.3.2-J.20010404193833.00bd4ca0@zenon.rite.or.jp>
>$B$3$N>uBV$G!"(Btcpdchk$B$r<B9T$9$k$H(B
>warning: /etc/hosts.allow, line 10: sshd: service possibly not wrapped
>$B$H=PNO$5$l$^$9!#$3$l$O!"%G%'%U%)%k%H$G%$%s%9%H!<%k$5$l$F$$$k!"(BOpenSSH_2.3.0
>$B$,(BTCP_WRAPPER$B$r(Benable$B$K$;$:$K(Bmake$B$5$l$F$$$k$?$a$J$N$G$7$g$&$+!)(B

$B$KBP$7$F!"(B

$B?9ED!w5~Bg$5$s$N(B
<85zodwq4ei.fsf@meadow.scphys.kyoto-u.ac.jp>
> tcpdchk$B$O!"(B/etc/hosts.(allow|deny)$B$r8!::$9$k:]$K(B daemon$B$NBEEv@-$r(B
> $B8!>Z$9$k$N$K(B /etc/inetd.conf$B$N$_$rMQ$$$k$?$a(B /etc/inetd.conf$B$K(B
> $B8=$l$J$$(B sshd daemon$B$KBP$7$F7Y9p$r=P$7$F$$$k(B

$B$H$$$&Ez$($r!"(B

$B@FF#!w(BRITE
<4.3.2-J.20010405091910.03b4f008@zenon.rite.or.jp>
> $B?9ED!w5~BgMM$N$*$C$7$c$$$^$9!"(Bdeamon$B$NBEEv@-$r(Binetd.conf$B$rMQ$$$F9T$&$H$$$&$3$H$O(B
> $BEvA3!"(Bhosts.allow$B5Z$S(Binetd.conf$B$KBP$7$F2<5-$N$h$&$J@_Dj$,I,MW$@$H$*$C$7$c$$$F(B
> $B$$$k$H2r<a$7$F$$$^$9!#(B

$B$H4V0c$C$F2r<a$7$F$7$^$C$?$H$-$K!"(B

$B$o$?$7$,!"(B
<200104050107.f3517qk58157@techno.sci.co.jp>
> hosts.(allow|deny)$B%U%!%$%k$N(Bdaemon_list$B$O%W%m%0%i%`L>$G$9!#(B
> inetd.conf$B$N%W%m%0%i%`L>$O!"(B
> >sshd    stream  tcp     nowait  root    /usr/libexec/sshd       /usr/sbin/sshd$B!!(B-i
>                                                       ^^^^
> $B$3$l$G$9!#(B

$B$J$s$F=q$$$F$7$^$C$?$+$i!"$=$N$^$^4V0c$C$FFM$-?J$s$G$$$k5$$,$7$^$9!#(B

$B$[$s$H$O!">e$N@bL@$O!"(B
<4.3.2-J.20010405091910.03b4f008@zenon.rite.or.jp>$B$N(B
> $B$?$H$($P!"(Bhosts.allow$B!"(Binetd.conf$B5Z$S(Bservices$B$r2<5-$N$h$&$K@_Dj$r$7$F$_$^$7$?!#(B
> hosts.allow
> ssh : localhost 127.0.0.1 192.168.2.246 : allow
> inetd.conf
> ssh    stream  tcp     nowait  root    /usr/libexec/sshd       /usr/sbin/sshd -i
> services
> ssh             22/tcp    #Secure Shell Login
> ssh             22/udp    #Secure Shell Login
> $B$3$N$h$&$J@_Dj$r$7!"(Bhosts.allow$B$H(Binetd.conf$B$N5-:\FbMF$r@09g$5$7$F(B
> tcpdchk$B$r<B9T$9$k$H!"2<5-$N$h$&$J!"(Bwarning$B$,=PNO$5$l$^$9!#(B

$B$KBP$7$F$NJVEz$G$"$j!"(B

<4.3.2-J.20010404193833.00bd4ca0@zenon.rite.or.jp>
$B$X$NJVEz$,!"(B

> $B$"$H$O(Btcp_wrapper$B;H$C$F$$$k$+$I$&$+$OJL$K$7$F!"(Bldd /usr/sbin/sshd
> $B$d$l$P!"0MB8$5$l$F$$$k$+$I$&$+$OJ,$+$k$H;W$$$^$9!#(B

$B$G$9!#(B


----
 $BEZ(B YOSHIMURA Takeshi           | SystemCore Inc.
 $B8}(B $BB<(B  $BIp(B $B;N(B <ryuon@Ryuon.ORG> | http://www.sci.co.jp/
 webmin-jp $B%a!<%j%s%0%j%9%H(B http://www.ryuon.org/webmin-jp/
