[PLUG] [Q] sshd restrict IP
Roderick A. Anderson
raanders at acm.org
Mon Aug 2 14:14:02 UTC 2004
On Mon, 2 Aug 2004, Matt Alexander wrote:
> First off, run SSH on a non-standard port, like maybe 20022 or
> something. Just change the line that starts with "Port" in your
> sshd_config file. That will stop most of the automated scripts.
Yes it should. Since I'm forced into using PuTTY on a Windows system at
work I'll see if it works with high range ports.
> Next, you can restrict SSH access to certain user names and IP
> addresses with this line:
> AllowUsers roderick at 1.2.3.4
Works well. The down side is it still answers the door and asks for a
password. (ssh roderick at myhost.mydomain.com). Of course this means a
Rumpelstiltskin attack is more difficult.
Rod
--
"Open Source Software - You usually get more than you pay for..."
"Build A Brighter Lamp :: Linux Apache {middleware} PostgreSQL"
More information about the PLUG
mailing list