SSH security

From: Brian Clifton (brian@omegadm.co.uk)
Date: 10/19/01


From: "Brian Clifton" <brian@omegadm.co.uk>
To: focus-linux@lists.securityfocus.com
Date: Fri, 19 Oct 2001 14:57:46 +0100
Subject: SSH security
Message-ID: <3BD03F6A.4548.460592C@localhost>

Does anyone know how to restrict ssh login access to certain ip's??
e.g. like host.allow does? I have found un-authorised attempts trying
to log in via ssh in var/logs/secure...

In /etc/ssh/sshd_config, I have:
PermitRootLogin = no
ReverseMappingCheck = no
# I can not use this as our ADSL ip address does not reverse map
# though I am investigating this.

Best regards, Brian
Using RH7.0

=============================================================
Omega Digital Media Ltd

       I N T E G R A T E D W E B S O L U T I O N S

Phone: +44 (0) 1444 410202
Fax: +44 (0) 1444 412909

http://www.omegadm.co.uk
=============================================================
Cuckfield House, High Street, Cuckfield, West Sussex RH17 5EL



Relevant Pages

  • ssh: Repeated breakin attempts
    ... May 2 08:12:04 debian sshd: Could not reverse map address ... for ssh service ... May 2 07:59:32 debian sshd: Failed password for ...
    (comp.os.linux.security)
  • ssh: Repeated intrusion attempts
    ... May 2 08:12:04 debian sshd: Could not reverse map address ... is a valid user name on my system - who is denied access via ssh. ... May 2 07:59:32 debian sshd: Failed password for ...
    (Debian-User)
  • Re: ssh / bind help?
    ... >> debug3: Trying to reverse map address 168.254.0.251. ... I mean, can you "ssh 168.254.0.251"? ... But...I found a work-around: Removing GSSAPIAuthentication yes ...
    (Fedora)
  • Re: SSH security
    ... Subject: SSH security ... > Does anyone know how to restrict ssh login access to certain ip's?? ... > # I can not use this as our ADSL ip address does not reverse map ...
    (Focus-Linux)
  • Re: ssh / bind help?
    ... >> debug3: Trying to reverse map address 168.254.0.251. ... I mean, can you "ssh 168.254.0.251"? ... billmurray> ssh -Y -vvv 168.254.0.1 .... ...
    (Fedora)