On Sat, 2004-09-11 at 14:50, Darren Kirby wrote: > Are MAC addresses unique for all ethernet cards? theoretically, yes. > What I would like to know is > could I use this rule to allow ssh connections ONLY from my notebook no > matter what its current IP address happens to be, and drop all other > connection requests? yes--as long as "notebook" and "ssh server" are on the same network. keep in mind--nothing prevents "badguy" from configuring his NIC to have the same MAC as your "notebook" if you're worried about security of "ssh server"--disable PasswordAuthentication and only allow RSAAuthentication and/or PubkeyAuthentication. stealing your IP and MAC is much more likely than someone stealing your private key (hopefully). you could also create a reservation for your MAC in the DHCP server, and filter based upon your (now) fixed IP. -j -- Jason Opperisano <opie@xxxxxxxxxxx>
