opacny problem - Was: sshd - omezeni logovani uzivatelu v zavislosti na IP

[Petr Vileta]

> tady muzete nastavit vse...
>
> cat /etc/hosts.allow
> #povolim, pristup pres SSH jenom tem kdo maji platny reverzni zaznam +
> temhle IP 80.188.213.*
> sshd: .cz 80.188.213.*
>
> cat /etc/hosts.deny
> #co se neshoduje s /etc/hosts.allow nema pres sshcko pristup
> sshd:ALL
Mam opacny problem, ale mozna je problem uplne jinde. Pouzivam RH7.3 a
xinetd.
V /etc/hosts.allow nemam o sshd napsano nic, protoze chci umoznit pristup
temer kazdemu.
V /etc/hosts.deny mam toto

sshd: /etc/ssh_deny : spawn = ( echo "$(date '+%%d.%%m.%%y %%T') %d ... %h
[%a]" |tee -a /var/log/deny.log| mail
 -s "DENY %d %h" root ) &

protoze chci zakazat pristup z konkretnich vyjmenovanych IP nebo rozsahu.
Pokud se divite zapisu

sshd: /etc/ssh_deny

tak podle man 5 hosts_access je to pripustne a take mi to funguje pro
sendmail.

A  string  that  begins with a `/' character is treated as a file name. A
host name or
address is matched if it matches any host name or address pattern listed in
the  named
file.  The  file  format  is zero or more lines with zero or more host name
or address
patterns separated by whitespace.  A file name pattern can be  used
anywhere  a  host
name or address pattern can be used.

Ovsem pro sshd to nejak odmita fungovat. Jednak se mi do /var/log/deny.log
nic nezapisuje a za druhe se z jineho stroje klidne pripojim, ackoliv jsem
si ho pred tim pokusne zakazal.
Muze mi nekdo poradit kde by mohl byt problem?
--
Petr