Extended question: SSH safety
Chris Rouch
crouch at pobox.com
Mon Nov 15 13:51:24 UTC 2004
On Sun, 14 Nov 2004 13:26:07 +0100
"J.L. Coenders" <fedora at universalgrid.nl> wrote:
> is possible.
> Is it also possible to allow ssh traffic from for instance a few ip
> addresses? Because I am limited to I guess two or three ip's.
You can use tcp wrappers to do this. e.g.
/etc/hosts.deny
ALL: ALL
/etc/hosts.allow
SSHD: aaa.bbb.ccc.ddd
A long time ago someone else posted this trick for hosts.deny, which is
what I use, though it can get noisy:
ALL: ALL: spawn echo tcpwrap has detected an Unauthorised Connection \
Attempt from %h %a to %d at `date`|tee -a /var/log/secure|mail root
Regards,
Chris
More information about the users
mailing list