Re: restrict ssh access

From: per@xxxxxxxxxxxx (Per Hedeland)
Date: Mon, 3 Dec 2007 22:35:36 +0000 (UTC)

In article
<94482ae9-c609-45eb-b996-e75c1e6769ab@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Shantanu <idg.linux@xxxxxxxxx> writes:

Right now I am using tcpserver to control access from IPs to my
OpenSsh servers on my Linux or BSD boxes.
Is it natively possible in OpenSsh in stand alone mode?

Yes - though support for that is a compile-time option in the OpenSSH
build:

--with-tcp-wrappers[=PATH] Enable tcpwrappers support (optionally in PATH)

- i.e. if you didn't build it yourself, it may not be present. A quick
check on a Linux (FC5) and a couple of FreeBSD boxes showed it as
present there though:

$ nm -D /usr/sbin/sshd | grep hosts_access
U hosts_access

If so how do I do it?

Same as any other daemon AFAIK, using "sshd" as the daemon process name.

--Per Hedeland
per@xxxxxxxxxxxx
.

Prev by Date: Re: getnameinfo failed when running on high ports
Next by Date: How to change SSH log location
Previous by thread: Re: getnameinfo failed when running on high ports
Next by thread: How to change SSH log location
Index(es):
- Date
- Thread

Relevant Pages

End of my rope
... I'm running Linux with OpenSSH and Windows with Putty. ... negotiation with an to an outside OpenSSH server on Linux. ... OpenSSH client on Linux outside my network hangs immediatly after ...
(SSH)
Re: Somebody is keep trying to ssh into my systems, how can I stop that?
... That means that you can NOT take what is true about OpenBSD ... to Linux because, as you point out here, Linux IS NOT BSD. ... OpenSSH is part of OpenBSD, but it also runs on Linux. ... anything with massive amounts of unrelated data the way you do. ...
(comp.os.linux.security)
Re: how to find out the version of a running sshd
... >> I have openssh sshd running on my linux 7.2. ... Just install the RedHat 7.2 updated RPM. ...
(comp.security.ssh)
Re: Openssh security
... doesn't use PrivSep and thus doesn't have its fragilities? ... addressed a *single one* of the real security bugs for OpenSSH. ... deployment broke OpenSSH for a lot of new users in lots of Linux ...
(comp.os.linux.security)
Re: hacked through ssh
... >>due to the old version of OpenSSH and the fact that I had SSH open up ... I'm aware of the exploitable problem. ... I found a post on a bulgarian linux website that quotes the exact same ...
(comp.security.ssh)