HEADSUP: OpenSSH 6.7 drops tcpwrapper support
Corinna Vinschen
corinna-cygwin@cygwin.com
Mon Aug 18 11:53:00 GMT 2014
Hi folks,
Just a HEADSUP to all of you actively using the tcp_wrappers/libwrap
functionality in sshd:
Starting with the next OpenSSH version 6.7, which will be released soon,
upstream removed support for tcp_wrappers/libwrap from the sources.
While that's bad from a compatibility point of view, the upstream
developers are adamant about this change for security reasons.
So, if you configured /etc/hosts.allow and/or /etc/hosts.deny files in
your Cygwin installation to block certain connections to your sshd
service, you will have to find other means to do that ASAP:
- Utilize the sshd_config Match rule.
- Utilize your firewall.
Hope that helps,
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://cygwin.com/pipermail/cygwin/attachments/20140818/1d9fad29/attachment.sig>
More information about the Cygwin
mailing list