Re: How to permit selective SSH access?
From: Jean-David Beyer (jdbeyer_at_exit109.com)
Date: Thu, 03 Jun 2004 07:30:31 -0400
Reply-Via-Newsgroup Thanks wrote:
> I have tried reading the 'man' page on ssh and attempted to configure
> to only permit access to the server from a select number of IP addresses
> however it doesn't work (meaning access is permitted from all IP
> addresses regardless of origin).
> I just placed the IP addresses in the above files - Can someone provide
> me with some examples or suggest where I am going wrong?
> Please reply via the newsgroup so all can learn,
> Thanks in advance,
> Randell D.
I do it with iptables.
I have iptables set up to deny access from anyone to anything.
Then I selectively allow those IP addresses I care about to connect to
those ports I want.
So for ssh, I have entries like:
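# For sshd daemon.
# SSH_GOOD_GUYS stands in for the list of good guys for ssh
# (space-separated source addresses); $IPT is the iptables binary.
for sip in $SSH_GOOD_GUYS; do
    $IPT -A IN_FIREWALL -p tcp -m state --state NEW \
        -s "$sip" --dport ssh -j ACCEPT
done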
--
  .~.   Jean-David Beyer          Registered Linux User 85642.
  /V\                             Registered Machine   241939.
 /( )\  Shrewsbury, New Jersey    http://counter.li.org
 ^^-^^  07:25:00 up 2 days, 16:24, 5 users, load average: 2.05, 2.09, 2.08
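The default-deny, then allow-per-source approach from the reply above, as an added example that is not part of the original post: it validates each allowlist entry and renders a complete ruleset in iptables-restore format, emitting nothing if any entry is malformed or the list is empty. Only the chain name IN_FIREWALL comes from the post; the function names, the loopback and ESTABLISHED rules, the jump from INPUT, port 22 and the sample addresses are assumptions.

```shell
#!/bin/sh
# Added example: render a default-deny ruleset with an SSH source allowlist.
# Chain name IN_FIREWALL is from the post; everything else is assumed.

# Accept only strict dotted-quad IPv4, optionally with a /0-32 prefix.
valid_ipv4_cidr() {
    v_addr=${1%%/*}
    v_prefix=32
    case $1 in */*) v_prefix=${1#*/} ;; esac
    case $v_prefix in ''|*[!0-9]*|???*|0?*) return 1 ;; esac
    [ "$v_prefix" -le 32 ] || return 1
    case $v_addr in ''|*[!0-9.]*|*.) return 1 ;; esac
    v_ifs=$IFS; IFS=.
    set -- $v_addr
    IFS=$v_ifs
    [ $# -eq 4 ] || return 1
    for v_octet in "$@"; do
        # Reject empty, over-long and zero-padded octets (octal ambiguity).
        case $v_octet in ''|????*|0?*) return 1 ;; esac
        [ "$v_octet" -le 255 ] || return 1
    done
}

# Print an iptables-restore ruleset, or nothing at all if any entry is bad.
ssh_allowlist_rules() {
    [ $# -gt 0 ] || { echo "empty allowlist: refusing to lock out ssh" >&2; return 1; }
    r_rules=
    for r_sip in "$@"; do
        valid_ipv4_cidr "$r_sip" || { echo "bad address: $r_sip" >&2; return 1; }
        r_rules="$r_rules-A IN_FIREWALL -p tcp -m state --state NEW -s $r_sip --dport 22 -j ACCEPT
"
    done
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:IN_FIREWALL - [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -j IN_FIREWALL
${r_rules}COMMIT
EOF
}

# Constructed sample input (documentation address ranges); prints rules only.
ssh_allowlist_rules 192.0.2.10 198.51.100.0/24
```

The output can be checked with `iptables-restore --test` before it is loaded, so a typo in the allowlist never reaches the live firewall.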