SSH Security
Charles Leeds
charlesleeds at rowdyrhino.com
Wed Sep 29 19:28:04 UTC 2004
Well, I will have to recant this because somehow the sshd is using
hosts.allow and hosts.deny even though it does not appear to be called
from the /etc/rc.d/init.d script.
Charles Leeds wrote:
>
> 1) Daemons that use xinetd are protected by hosts.deny and
> hosts.allow, and therefore can use them
> 2) The SSH RPM that ships with RHEL does _NOT_ use xinetd, and cannot
> use hosts.allow and hosts.deny out of the box
> 3) SSH can be compiled/configured to use xinetd
>
> So to secure access to sshd you need to either:
>
> 1) Use the AllowUsers line in the sshd_config file and restart your
> sshd service
> 2) Configure sshd to go through xinetd so you can use hosts.allow and
> hosts.deny
>
> Lindsay
>
>
>
>
>
> Reuben D. Budiardja wrote:
>
>> On Wednesday 29 September 2004 11:04, Margaret Doll wrote:
>>
>>
>>> Use /etc/hosts.deny and /etc/hosts.allow
>>>
>>
>>
>> hosts.allow and hosts.deny control access to other servicess too
>> beside SSH. they also allow you to use domain name to allow access.
>> "man hosts.allow" and 'man hosts.deny'.
>>
>> RDB
>>
>>
>>
>
More information about the redhat-list
mailing list