sshd and hosts.allow

[Statia]

Something else is weird.
In syslog I see this:

Code:

Dec  4 11:19:59 possum inetd[1049]: ssh/tcp: bind: Address already in use
Dec  4 11:29:59 possum inetd[1049]: ssh/tcp: bind: Address already in use
Dec  4 11:39:59 possum inetd[1049]: ssh/tcp: bind: Address already in use
Dec  4 11:49:59 possum inetd[1049]: ssh/tcp: bind: Address already in use
Dec  4 11:59:59 possum inetd[1049]: ssh/tcp: bind: Address already in use
Dec  4 12:09:59 possum inetd[1049]: ssh/tcp: bind: Address already in use
Dec  4 12:17:01 possum CRON[2623]: (root) CMD (   cd / && run-parts --report /etc/cron.hourly)
Dec  4 12:19:59 possum inetd[1049]: ssh/tcp: bind: Address already in use
Dec  4 12:29:59 possum inetd[1049]: ssh/tcp: bind: Address already in use
Dec  4 12:39:59 possum inetd[1049]: ssh/tcp: bind: Address already in use

Some cronjob restarting inetd every ten minutes?
How to find out which address is already in use and how to fix that?

[Statia]

And mark as unsolved again, just tried to get in and it does not work any more.

Code:

Dec  4 13:54:15 possum sshd[3872]: warning: /etc/hosts.allow, line 14: can't verify hostname: getaddrinfo(static.kpn.net, AF_INET) failed
Dec  4 13:54:15 possum sshd[3872]: refused connect from 188.207.102.154 (188.207.102.154)

/etc/hosts.allow now looks like this:

Code:

sshd: 192.168.178.*,62.133.64.0/0.0.63.255,188.207.0.0/0.0.127.255,*.xs4all.nl

[Statia]

I really don't know what to make of this.
Sometimes it works, sometimes it doesn't.

Code:

Dec  4 15:34:04 possum sshd[1518]: Accepted publickey for statia from 62.133.64.10 port 60310 ssh2
Dec  4 15:34:31 possum sshd[1520]: Received disconnect from 62.133.64.10: 11: Closed due to user request.

(This was after I had rebooted again to move /tmp to RAM, so unrelated to networking changes)

[Statia]

OK, so I was missing one more IP-range: 92.69.0.0 - 92.69.255.255
So I added
92.69.0.0/0.0.255.255 to hosts.allow.
kill -HUP inetd: still can't get in.
service ssh restart: still can't get in.
reboot: STILL CAN'T GET IN!

What is going on here?

[digitec]

sshd : 85.80.2.21 : allow
sshd : 80.28.5.2 : allow
sshd : 210.75.24.15 : allow
sshd : 20.67.59. : allow
sshd : 10.8. : allow
sshd : 108.70. : allow
sshd : 121.19. : allow
sshd : 229.4.25.81 : allow
sshd : ALL : deny

Above IP works for me fine however if I add some domain name but not IP than it simply does not work, looking how to do it since one of my server run dyndns.

I tried following add to host.allow one line containing file that carries your DYNDNS IP and the file contents generate by
nslookup as follow:

try
nslookup yours.dyndns.org |grep "Address: " | cut -c 10,11,12,13,14,15,16,17,18,19,20,21,22,23,24

do the CRON script - let's say "hhc" stored also into /etc folder

/etc/hhc

rm /etc/hhh.txt
nslookup yours.dyndns.org |grep "Address: " | cut -c 10,11,12,13,14,15,16,17,18,19,20,21,22,23,24 >> /etc/hhh.txt

as a root make CRON run this script every hour

like:

crontab -e


add:

08 * * * * /etc/hhc

and finally add the command into your file "hosts.allow"

.
.
sshd : 223.4.205.181 : allow
sshd : echo /etc/hhh.txt : allow
sshd : ALL : deny


it is simple and it works for me now