Syntaxe for /etc/hosts.allow ? 1

[Barn]

Hello,

I would like to use /etc/hosts.allow to restrict access (by telnet) to only the hosts listed in that file.

But it doesn't seem to work.

Here is the syntax I use:

localhost:
x.y.z.a:
x.y.z.b:


Thanx in advance.

Barn.
IBM Certified -- Am I?

 

[mrregan]

try

ALL: localhost
All: x.y.z.a
All: x.y.z.b

 

[patel]

I don't think you need : just hostname

boggy
toggy
poo

or + to allow eveyone access

Patel

 

[Barn]

I do need the ":" or I have the kind of message "missing separator ":" ".

Anyway, it doesn't seem to work.
I still can logging from unwanted IP.

What can I do?

Barn.
IBM Certified -- Am I?

 

[mrregan]

what are the permissions on hosts.allow? I think they must be -rw------- owner and group root

 

[Barn]

The permissions was:
-rw-r--r-- owner and group root

I changed them to:
-rw------- owner and group root

But the problem is still the same.

Barn.
IBM Certified -- Am I?

 

[mrregan]

what is in your hosts.deny file?

 

[datadan]

Because no one else has said it:

Why have telnet at all. You can use ssh to do nearly everything that telnet can. Plus SSH has is more configurable and more secure (so you can use remoteley).

http://www.ssh.com

It's free


But to speak to your issues:

/etc/hosts.deny should be:
ALL: ALL

/etc/hosts.allow should be only those items you want to all to pass.
ipop3d : ALL
sshd: 10.

in your case you would need to add:
telnet: 10.

(if you wanted to allow access to everything from a 10.a.b.c network.)

Cheers

 

[Barn]

I had in /etc/hosts.deny

<unwanted_ip>:

I changed it with

ALL: ALL


And now it works very well.

SSH is the next step.
Thank U.

Barn.
IBM Certified -- Am I?