[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Restricting ssh access to internet but not to internal network



Patrick wrote:
I have an server running sshd on Sarge. I want all users to be able to
access the computer from within the internal network - but restrict
access from the internet (to users in a particular group). Can this be
achieved by combining the /etc/hosts.allow or /etc/hosts.deny files and
the AllowGroup (or AllowUsers) options in sshd configuration file.

If so, how ?


Yes. To avoid errors, read the man pages first, but the files contain
comments and examples. You may also be able to use iptables to restrict
access to a few hosts or ranges, which makes life a bit safer.



Reply to: