Re: OT-ish F9 Laptop\USB-Stick CentOS5.x Server SSH Access

From: Jason Turning <jturning@xxxxxxxxxxxxx>
Date: Sat, 30 Aug 2008 10:34:38 -0700

Frank Murphy wrote:

Tim wrote:

On Sat, 2008-08-30 at 08:09 +0100, Frank Murphy wrote:

What do I do to only allow remote access via ssh to my centos box.
From my laptop F9+, or an F9+ usb-stick

What do you mean by "only allow"? You want to block all ports except
for what SSH uses? It should have a firewall configurator to make that
easy for you, untick all the options except for ssh.

Write again if you need more info.

I mean only allow ssh access from those two scenarios,
my laptop + an F9 usb-stick.

because there are attempts by "fluffy" and other(s) to access the box.

Frank

This article has a lot of the tips I've used to make my SSH server more secure.
You might want to look at using DSA public key authentication to limit the
logins like you requested.

http://www.linux.com/feature/61061

I do like to have my SSH server password accessible, so I've set AllowUsers and
run Denyhosts. Denyhosts is like the other program that locks out certain users
that have failed logging in so many times, except it has a server that you
report banned IPs and the server feeds you the IPs reported by everyone else.
That way all the active bots trying to crack SSH servers are mostly locked out
already. And remember to pick a strong passphrase if you leave this available.

Jason

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines

Follow-Ups:
- Re: OT-ish F9 Laptop\USB-Stick CentOS5.x Server SSH Access
  - From: Frank Murphy

References:
- OT-ish F9 Laptop\USB-Stick CentOS5.x Server SSH Access
  - From: Frank Murphy
- Re: OT-ish F9 Laptop\USB-Stick CentOS5.x Server SSH Access
  - From: Tim
- Re: OT-ish F9 Laptop\USB-Stick CentOS5.x Server SSH Access
  - From: Frank Murphy

Prev by Date: Re: Ping KDE users
Next by Date: Re: OT-ish F9 Laptop\USB-Stick CentOS5.x Server SSH Access
Previous by thread: Re: OT-ish F9 Laptop\USB-Stick CentOS5.x Server SSH Access
Next by thread: Re: OT-ish F9 Laptop\USB-Stick CentOS5.x Server SSH Access
Index(es):
- Date
- Thread

Relevant Pages

Re: Simplest way to turn an excel column into a savedlist
... internet, where AccuTerm is LAN-based due to telnet. ... many of your clients will be reluctant to provide an ssh server ... supposing you've got a laptop you want to dial in to their system from, ...
(comp.databases.pick)
Re: Safest way of accessing a home computer from outside?
... what if I my router doesent have a public IP ... use for ssh is forwarded to your ssh server. ... You can find Hamachi at ...
(Fedora)
Re: Safest way of accessing a home computer from outside?
... what if I my router doesent have a public IP ... I agree - ssh with no password and then use certificates to ... use for ssh is forwarded to your ssh server. ... You can find Hamachi at ...
(Fedora)
Re: AIX 5.2L "who" question
... SSH is corrupting the utmp file! ... where did you get the SSH server you are running? ... We have a 44P-270 running AIX 5.2L, when users connected via ssh they can't ... Monitoring ...
(AIX-L)
Re: Blocking attacks from spoofed IP addresses
... Some of the ssh attacks are distributed. ... So IMHO public key authentication does not necessarily reduce risks. ... if one is scared about login unwanted attempts on a ssh server ...
(comp.os.linux.networking)