hardening SSH
- From: Michael Klinosky <mpk2@xxxxxxxxx>
- Date: Wed, 15 Aug 2007 17:39:20 -0400
I use ssh (on my own machines, personal use). My primary box (for ssh, it's the my daemon) is on dsl. The only machine that I log in from (client?) is on the same ISP, and is on a dial-up line.
I'd like to allow only those IPs that I might dynamically get. How would
this be accomplished? I checked my secure log file (on the daemon box), and have examples of IPs that I was assigned. Nota bene: It seems like only the first and second parts are consistant. So, how can I specify a range thus: 200.100.x.x ? Would I use a zero, or 'x', or ...?
I checked out the openssh website - only man pages. I read the man page,
but didn't see anything related to this. I used Google's linux search - nothing this specific.
I figure that I could use either sshd_config's ListenAddress or
/etc/hosts.allow or hosts.deny.
Btw, I figured out how to set up iptables to use a non-default port, and
I use AllowUsers in the sshd_config (on the machine I log into).
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
- Follow-Ups:
- Re: hardening SSH
- From: Justin W
- Re: hardening SSH
- From: Knute Johnson
- Re: hardening SSH
- Prev by Date: Re: What rpm provides dig and host tools
- Next by Date: Re: how to set up VM, or is there a freeware equivalent to Deep Freeze Software
- Previous by thread: Pidgin Crashing !
- Next by thread: Re: hardening SSH
- Index(es):
Relevant Pages
|
