Re: Restricting ssh access to internet but not to internal network

To: debian-security@lists.debian.org
Subject: Re: Restricting ssh access to internet but not to internal network
From: Joe <joe@jretrading.com>
Date: Fri, 25 Nov 2005 14:48:54 +0000
Message-id: <[🔎] dm7886$f59$1$8300dec7@news.demon.co.uk>
In-reply-to: <5cFpB-76f-13@gated-at.bofh.it>
References: <[🔎] 1132899251.218574.257950@z14g2000cwz.googlegroups.com>

Patrick wrote:

I have an server running sshd on Sarge. I want all users to be able to
access the computer from within the internal network - but restrict
access from the internet (to users in a particular group). Can this be
achieved by combining the /etc/hosts.allow or /etc/hosts.deny files and
the AllowGroup (or AllowUsers) options in sshd configuration file.

If so, how ?

Yes. To avoid errors, read the man pages first, but the files contain
comments and examples. You may also be able to use iptables to restrict
access to a few hosts or ranges, which makes life a bit safer.

Reply to:

References:
- Restricting ssh access to internet but not to internal network
  - From: "Patrick" <p_rynhart@hotmail.com>

Prev by Date: Re: What is a security bug?
Next by Date: Re: Restricting ssh access to internet but not to internal network
Previous by thread: Re: Restricting ssh access to internet but not to internal network
Next by thread: Re: Restricting ssh access to internet but not to internal network
Index(es):
- Date
- Thread