Re: bar root login from any but 192.168.0/16
From: Nico Kadel-Garcia (nkadel_at_comcast.net)
Date: 08/14/04
- Previous message: Alex: "PPP-Over-SSH and Windows"
- In reply to: Harry Putnam: "bar root login from any but 192.168.0/16"
- Next in thread: Harry Putnam: "Re: bar root login from any but 192.168.0/16"
- Reply: Harry Putnam: "Re: bar root login from any but 192.168.0/16"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 14 Aug 2004 17:48:08 -0400
"Harry Putnam" <reader@newsguy.com> wrote in message
news:m3wu03vtx8.fsf@newsguy.com...
> How can I bar root login via ssh but only from somewhere besides my
> local network?
>
> My ssh server sits behind a nat'ed firewall. I'd like to keep any
> root logins from the internet from happening but allow them from
> my.local.net.
The easy way is to use a different port for external, Internet based logins
by using a separate init script with a separate sshd_config file, and if you
wish to allow user access from the Internet at large, port-forward from your
external NAT'ed IP address and port (such as the standard SSH port 22) to
your internal server on the alternative port. This will be invisible to your
users, protect your root accessible port from external access, and is very
simple to configure.
- Previous message: Alex: "PPP-Over-SSH and Windows"
- In reply to: Harry Putnam: "bar root login from any but 192.168.0/16"
- Next in thread: Harry Putnam: "Re: bar root login from any but 192.168.0/16"
- Reply: Harry Putnam: "Re: bar root login from any but 192.168.0/16"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
