[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
RE: SSH Security
- From: "Michael Anaya" <mianaya edatatrace com>
- To: "'General Red Hat Linux discussion list'" <redhat-list redhat com>
- Subject: RE: SSH Security
- Date: Fri, 1 Oct 2004 10:31:07 -0700
From: redhat-list-bounces redhat com [mailto:redhat-list-bounces redhat com]
On Behalf Of Alexey Fadyushin
Sent: Thursday, September 30, 2004 10:02 AM
To: ddelao oucpm org; General Red Hat Linux discussion list
Subject: Re: SSH Security
You should use option AllowUsers in file /etc/ssh/sshd_config. This option
lists the names of users which are allowed to connect via ssh and host
from which them are allowed to connect. For example:
AllowUsers: * 192 168 11 1
should allow any user to connect from host 192.168.11.1. Connections
from other addresses willn ot succeed.
Also you can use files /etc/hosts.allow and/or /etc/hosts.deny which
define restrictions for connections to daemons which use libwrap (SSH
does use it).
It is also possible to filter incoming connections to port ssh with
iptables, so the packets from any hosts not allowed to connect to SSH
will be dropped.
Alexey Fadyushin.
Brainbench MVP for Linux
http://www.brainbench.com
Darryl W. DeLao Jr. wrote:
> How can I tell the SSH server to only allow certain IP's the ability to
> login?
AllowUsers is a list of local user accounts allowd to ssh in.
AllowUsers: username1 username2 username3
The option you are looking for:
ListenAddress ###.###.###.###:port
Both supported using protocol 2
HTH
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]