Frank Murphy wrote: > Tim wrote: >> On Sat, 2008-08-30 at 08:09 +0100, Frank Murphy wrote: >>> What do I do to only allow remote access via ssh to my centos box. >>> From my laptop F9+, or an F9+ usb-stick >> What do you mean by "only allow"? You want to block all ports except >> for what SSH uses? It should have a firewall configurator to make that >> easy for you, untick all the options except for ssh. >> >> Write again if you need more info. >> > > I mean only allow ssh access from those two scenarios, > my laptop + an F9 usb-stick. > > because there are attempts by "fluffy" and other(s) to access the box. > > Frank > > > This article has a lot of the tips I've used to make my SSH server more secure. You might want to look at using DSA public key authentication to limit the logins like you requested. http://www.linux.com/feature/61061 I do like to have my SSH server password accessible, so I've set AllowUsers and run Denyhosts. Denyhosts is like the other program that locks out certain users that have failed logging in so many times, except it has a server that you report banned IPs and the server feeds you the IPs reported by everyone else. That way all the active bots trying to crack SSH servers are mostly locked out already. And remember to pick a strong passphrase if you leave this available. Jason -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
