Re: sshd appears to not be consulting /etc/hosts.allow and /etc/hosts.deny for access control, is this a known issue?

[christos%astron.com@localhost (Christos Zoulas)]

In article <202501060935.5069ZcZn028967%nfbcal.org@localhost>,
Brian Buhrow  <buhrow%nfbcal.org@localhost> wrote:
>	Hello.  Thanks for the quick reply.  While openssh may have dropped
>libwrap and
>libblocklist support in version 6.7, NetBSD had it until the import of
>openssh-9.9.  I see no
>notation of this large change in behavior either in the cvs log file
>for the Makefile for sshd
>diff shown below for when this support was dropped, nor in the
>doc/CHANGES file, although the
>import of OpenSSH-9.9 is noted there.
>So, is it the case this was entirely intentional?  If so, I'm very
>surprised it wasn't noted
>more prominently in either the cvs log file of the Makefile itself or
>in the doc/CHANGES file,
>preferably both.  
>
>Might Christos be able to shed light on this?

It was certaintly not intentional if this does not work anymore,
but this seems to be fallout from the sshd/sshd-session splitup
if it does not work anymore. The libwrap stuff is still in
libexec/sshd-session/Makefile. Perhaps you just need to change "sshd"
to "sshd-session" in your rules? This is unfortunate, and we should
make a note about the change...

christos