[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: More SSH 'trolling'



Scot L. Harris wrote:
On Thu, 2004-10-14 at 10:40, Andrey Andreev wrote:

Wouter van Vliet wrote:

As for limiting ssh access only to those who need it, how would that
be done and how can I restrict on IP and user? I've found this page
http://doc.trustix.org/cgi-bin/trustixdoc.cgi?Restrict_SSH_Per_User
which explains about allowing only certain users. It's cool. Now, what
would be the user/ip combi approach?

I make my firewall do that.


That is good but having sshd restrict who can login in addition to the
firewall gives you two lines of defense against someone.  If they happen
to get past the firewall then they have to get past your sshd
configuration as well.

Good point, actually all the ones you make are good stuff. I was only referring to limiting IPs that could be used for SSH in my last post. That's obviously not a complete solution. Thanks for pointing that out.


//Andro


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]