ssh attack

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



John Merritt wrote:

>
> I tried to secure ssh better by putting in an AllowUsers line in 
> sshd_config. Then I thought tcp wrappers and just putting in my own 
> addresses in /etc/hosts.allow would be even better, until I found out 
> that all mail to my email server would be rejected.
>
There should be no problem here.  Just disallow everything in 
/etc/hosts.deny and then enable particular ip addresses for sshd.  And 
also enable the appropriate addresses for other services that you want 
to be available to various IP addresses.  You can use the word ALL to 
indicate no restriction. e.g.:

sendmail:ALL

man hosts.allow should get you the information that you need. 

But if you are remote to the machine, be careful you don't lock yourself 
out!

-Steve


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux