Re: allowing ssh client from a certain subnet only
From: dawbins (dawbins_at_n0n0.com)
Date: 06/23/03
- Next message: johan antwerp: "convenience question of new scp user"
- Previous message: David Balazic: "PuTTY port forwarding corruptions"
- In reply to: pui ming Wong: "allowing ssh client from a certain subnet only"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 23 Jun 2003 08:56:40 GMT
openssh has tcpwrapper enabled by default
/etc/hosts.allow
ALL: xxx.yyy.
/etc/hosts.deny
ALL:ALL:DENY
to test if tcpwrapper is operational bu blocking one computer
/etc/hosts.allow
ALL: xxx.yyy. EXCEPT xxx.yyy.AAA.BBB
# where the EXCEPT IP is the specific IP of a computer in the xxx.yyy.
# network
and/or use iptables
pui ming Wong wrote:
>
> I run sshd as a daemon (not from inetd.conf)
> As a newbie, what are the stanzas in the sshd config file
> that could deny all client access EXCEPT from
> a certain network
> say, xxx.yyy (which is a Class B network)
- Next message: johan antwerp: "convenience question of new scp user"
- Previous message: David Balazic: "PuTTY port forwarding corruptions"
- In reply to: pui ming Wong: "allowing ssh client from a certain subnet only"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
