Re: SSH security

From: Chris Wilkes (cwilkes@ladro.com)
Date: 10/19/01 

Date: Fri, 19 Oct 2001 09:06:18 -0700 (PDT)
From: Chris Wilkes <cwilkes@ladro.com>
To: focus-linux@lists.securityfocus.com
Subject: Re: SSH security
Message-ID: <Pine.LNX.4.10.10110190905140.25695-100000@cjw.depechecode.com>

On Fri, 19 Oct 2001, Brian Clifton wrote:

> Does anyone know how to restrict ssh login access to certain ip's??
> e.g. like host.allow does? I have found un-authorised attempts trying
> to log in via ssh in var/logs/secure...
>
> In /etc/ssh/sshd_config, I have:
> PermitRootLogin = no
> ReverseMappingCheck = no
> # I can not use this as our ADSL ip address does not reverse map
> # though I am investigating this.

Looking through the rest of the sshd_config file I found these two lines
remmed out:
  # AllowHosts *.our.com friend.other.com
  # DenyHosts lowsecurity.theirs.com *.evil.org evil.org
Did you try these out?

Chris

Relevant Pages

  • ssh: Repeated breakin attempts
    ... May 2 08:12:04 debian sshd: Could not reverse map address ... for ssh service ... May 2 07:59:32 debian sshd: Failed password for ...
    (comp.os.linux.security)
  • ssh: Repeated intrusion attempts
    ... May 2 08:12:04 debian sshd: Could not reverse map address ... is a valid user name on my system - who is denied access via ssh. ... May 2 07:59:32 debian sshd: Failed password for ...
    (Debian-User)
  • Re: ssh / bind help?
    ... >> debug3: Trying to reverse map address 168.254.0.251. ... I mean, can you "ssh 168.254.0.251"? ... But...I found a work-around: Removing GSSAPIAuthentication yes ...
    (Fedora)
  • Re: SSH security
    ... Subject: SSH security ... > Does anyone know how to restrict ssh login access to certain ip's?? ...
    (Focus-Linux)
  • Re: SSH security
    ... Subject: SSH security ... > Does anyone know how to restrict ssh login access to certain ip's?? ...
    (Focus-Linux)