SSH Security

Alexey Fadyushin fab at s-tunnel.com
Thu Sep 30 17:01:45 UTC 2004


You should use option AllowUsers in file /etc/ssh/sshd_config. This option
lists the names of users which are allowed to connect via ssh and host 
from which they are allowed to connect.  For example:
AllowUsers *@192.168.11.1
should allow any user to connect from host 192.168.11.1. Connections 
from other addresses will not succeed.

Also you can use files /etc/hosts.allow and/or /etc/hosts.deny which 
define restrictions for connections to daemons which use libwrap (SSH 
does use it).

It is also possible to filter incoming connections to port ssh with 
iptables, so the packets from any hosts not allowed to connect to SSH 
will be dropped.

Alexey Fadyushin.
Brainbench MVP for Linux
http://www.brainbench.com

Darryl W. DeLao Jr. wrote:
> How can I tell the SSH server to only allow certain IP's the ability to
> login?
>
> Thanks!
> 
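
Added example, not part of the original post: a shell sketch that reads the AllowUsers line of an sshd_config and prints matching /etc/hosts.allow, /etc/hosts.deny and iptables rules, so the three layers named in the reply stay consistent. The function names and the sample config are constructed for illustration; the rules are only printed, never applied, and the tcp_wrappers lines assume sshd is built with libwrap, as the reply states.

```shell
#!/bin/sh
# Added example: derive consistent tcp_wrappers and iptables rules from the
# AllowUsers line of an sshd_config. All names below are hypothetical.

# Print each AllowUsers pattern, one per line (the keyword is case-insensitive;
# commented-out lines do not match because their first field starts with '#').
allowusers_patterns() {
    awk 'tolower($1) == "allowusers" { for (i = 2; i <= NF; i++) print $i }' "$1"
}

# Patterns without a host part, or with host "*", admit the user from anywhere.
unrestricted_patterns() {
    allowusers_patterns "$1" | awk -F@ 'NF < 2 || $2 == "*"'
}

# Unique literal IPv4 hosts named in the patterns (wildcard hosts are skipped).
allowed_ipv4_hosts() {
    allowusers_patterns "$1" | awk -F@ 'NF == 2 { print $2 }' |
        grep -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$' | sort -u
}

# Lines for /etc/hosts.allow and /etc/hosts.deny.
tcpwrappers_lines() {
    echo "hosts.allow: sshd: $(allowed_ipv4_hosts "$1" | tr '\n' ' ' | sed 's/ $//')"
    echo "hosts.deny:  sshd: ALL"
}

# iptables commands: accept port 22 from each allowed host, then drop the rest.
iptables_rules() {
    for h in $(allowed_ipv4_hosts "$1"); do
        echo "iptables -A INPUT -p tcp -s $h --dport 22 -j ACCEPT"
    done
    echo "iptables -A INPUT -p tcp --dport 22 -j DROP"
}

# Constructed sample config, not taken from any real host.
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
# AllowUsers olduser
Port 22
AllowUsers *@192.168.11.1 backup@192.168.11.7 admin
EOF
echo "no host restriction: $(unrestricted_patterns "$sample")"
tcpwrappers_lines "$sample"
iptables_rules "$sample"
```

A pattern reported as having no host restriction (here "admin") is still limited by the hosts.allow and iptables rules, so that user can connect only from the listed addresses once those layers are in place.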




More information about the redhat-list mailing list