* Mark Maas <mark@menem.mine.nu> [041116 16:52]: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi All, > > I'm trying to restrict access to my ssh server from the outside to > allow only two IP adresses and the internal lan ofcourse. > And deny access to everyone else. > > People are trying the guess a username and password tactic a little > too much to my liking... > > Do I use hosts.deny, hosts.allow for this? If so, which one takes > precedence? Deny everything (except what you explicitly allow in hosts.allow) # hosts.deny ALL: ALL # hosts.allow ssh: xxx.xxx.xxx.xxx, yyy.yyy.yyy.yyy Alternatively to allow everyone on your local network (assuming the standard 192.168 setup), you could do something like # hosts.allow ssh: 192.168.0.0/255.255.255.0 Cheers, Nick. -- Debian 3.1 Linux twofish.gotdns.org 2.6.9-looxt93c2 i686 GNU/Linux
Attachment:
signature.asc
Description: Digital signature