SSH Security
Mike Burger
mburger at bubbanfriends.org
Wed Sep 29 21:01:36 UTC 2004
Yup...it's been compiled in for quite some time, that way.
On Wed, 29 Sep 2004, Charles Leeds wrote:
> Well, I will have to recant this because somehow the sshd is using
> hosts.allow and hosts.deny even though it does not appear to be called
> from the /etc/rc.d/init.d script.
>
> Charles Leeds wrote:
>
> >
> > 1) Daemons that use xinetd are protected by hosts.deny and
> > hosts.allow, and therefore can use them
> > 2) The SSH RPM that ships with RHEL does _NOT_ use xinetd, and cannot
> > use hosts.allow and hosts.deny out of the box
> > 3) SSH can be compiled/configured to use xinetd
> >
> > So to secure access to sshd you need to either:
> >
> > 1) Use the AllowUsers line in the sshd_config file and restart your
> > sshd service
> > 2) Configure sshd to go through xinetd so you can use hosts.allow and
> > hosts.deny
> >
> > Lindsay
> >
> >
> >
> >
> >
> > Reuben D. Budiardja wrote:
> >
> >> On Wednesday 29 September 2004 11:04, Margaret Doll wrote:
> >>
> >>
> >>> Use /etc/hosts.deny and /etc/hosts.allow
> >>>
> >>
> >>
> >> hosts.allow and hosts.deny control access to other servicess too
> >> beside SSH. they also allow you to use domain name to allow access.
> >> "man hosts.allow" and 'man hosts.deny'.
> >>
> >> RDB
> >>
> >>
> >>
> >
>
>
--
Mike Burger
http://www.bubbanfriends.org
Visit the Dog Pound II BBS
telnet://dogpound2.citadel.org or http://dogpound2.citadel.org
To be notified of updates to the web site, visit
http://www.bubbanfriends.org/mailman/listinfo/site-update, or send a
message to:
site-update-request at bubbanfriends.org
with a message of:
subscribe
More information about the redhat-list
mailing list