Re: restricting ssh access | |
| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] | |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Tuesday 22 April 2003 12:42 am, Rodolfo J. Paiz wrote:
> At 10:14 PM 4/19/2003 +0200, you wrote:
> >what do i have to enter
> >in hosts.allow to allow ssh access only
> >from a certain domain?
>
> hosts.allow and hosts.deny (known as tcpwrappers) only affect programs
> run from xinetd usually. There are some other programs that are written
> to take advantage of tcpwrappers, but I do not know whether OpenSSH is
> one of them.
Openssh is compiled with tcpwrappers support. Sendmail is another
standalone app that does the same.
> >or is there another more secure way to
> >restrict access to connect over ssh?
>
> I would certainly suggest using your firewall to restrict access as
> long as you can give it static IP addresses. If you want every IP
> address that resolves to "mycompany.com" to have access, then that's
> more difficult.
Agreed, your firewall is the first line of defense.
- --
- -Michael
pgp key: http://www.tuxfan.homeip.net:8080/gpgkey.txt
Red Hat Linux 7.{2,3}|8.0 in 8M of RAM: http://www.rule-project.org/
- --
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQE+pKNRn/07WoAb/SsRAr1bAKCgsTNAG3r61StLhayCyBnDhyRFDwCZAbph
xmAJOjiylX7PAp3/KxLXbTk=
=nHyr
-----END PGP SIGNATURE-----
[Fedora Users] [Centos Users] [Kernel Development] [Red Hat Install] [Red Hat Watch] [Red Hat Development] [Red Hat Phoebe Beta] [Yosemite Forum] [Fedora Discussion] [Gimp] [Stuff] [Yosemite News]