On Tue, 2004-11-16 at 10:55 +0000, michael wrote: > > On Tue, 2004-11-16 at 08:50 +0100, Mark Maas wrote: > >> I'm trying to restrict access to my ssh server from the outside to > >> allow only two IP adresses and the internal lan ofcourse. > >> And deny access to everyone else. > > > > Besides the allready mentioned iptables and hosts.allow/deny mechanisms > > you can also limit this somewhat in SSH itself: > > > > in /etc/ssh/sshd_config > > AllowUsers <valid usernames for ssh> > > but which ssh are you using? it does not seem to be in > OpenSSH_3.8.1p1 Debian-8.sarge.3, OpenSSL 0.9.7d 17 Mar 2004 ssh -v tells me: OpenSSH_3.8.1p1 Debian-8.sarge.3, OpenSSL 0.9.7e 25 Oct 2004 # grep AllowUsers /etc/ssh/sshd_config AllowUsers user1 user2 user3 See man sshd_config AllowUsers This keyword can be followed by a list of user name patterns, separated by spaces. If specified, login is allowed only for user names that match one of the patterns. '*' and '?' can be used as wildcards in the patterns. Only user names are valid; a numerical user ID is not recognized. By default, login is allowed for all users. If the pattern takes the form USER@HOST then USER and HOST are separately checked, restricting logins to particular users from particular hosts. -- Mark Janssen -- maniac(at)maniac.nl Unix / Linux, Open-Source and Internet Consultant PGP: 0x357D2178 Skype: markmjanssen ICQ: 129696007
Attachment:
signature.asc
Description: This is a digitally signed message part