
Re: hosts.allow - Re: intrusion via ssh



On Thu, 31 Mar 2005, Brad Sims wrote:

> Then what should I use for /hosts.deny /hosts.allow?
> I set it up as per the example in the manpage for hosts_access...
> 
> I /do/ see your point on the only allowing sshd access though...

/etc/hosts.deny
	ALL : ALL

/etc/hosts.allow
	#
	#  you allow only this 1 machine to ssh into your box ( this box )
	# from that box
	#
	sshd : 192.168.1.123

they can have sniffed your login and pwd but they won't be able to
get in from any machine other than a trusted/secure machine 192.168.1.123
	( supposedly secure anyway )

- don't forget to restart sshd ... and also disallow remote root logins
  and the rest of the passwd vs passphrase and keys
	- for using host keys files, supposedly, anybody that gets
	those key files now has access to the target box

	- host key files are not always unique unless they are locally
	generated, but they do not have to be generated on that machine
	( people copy them around all the time - a bad idea )

- a semi-endless list of additional stuff to do or not do .. for ssh logins

c ya
alvin
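
The two files above, run through a simplified model of the hosts_access(5) lookup order (an added example, not part of the original message): hosts.allow is consulted first, then hosts.deny, and a client matching neither file is let in. The function names are hypothetical, and only the ALL wildcard, exact addresses and trailing-dot prefixes such as "192.168.1." are handled.

```python
# Added example: simplified model of the hosts_access(5) decision order.
# File contents below are the ones from the message, embedded as strings.
HOSTS_ALLOW = """\
#
# allow only this one machine to ssh into this box
#
sshd : 192.168.1.123
"""
HOSTS_DENY = "ALL : ALL\n"


def parse_rules(text):
    """Return [(daemon_patterns, client_patterns)] from access-file text."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or ":" not in line:
            continue  # blank line, comment, or not a rule
        daemons, clients = line.split(":")[:2]
        rules.append((daemons.replace(",", " ").split(),
                      clients.replace(",", " ").split()))
    return rules


def _matches(pattern, value):
    if pattern == "ALL":
        return True
    if pattern.endswith("."):  # network prefix form, e.g. "192.168.1."
        return value.startswith(pattern)
    return pattern == value


def _file_matches(rules, daemon, client_ip):
    return any(any(_matches(d, daemon) for d in daemons)
               and any(_matches(c, client_ip) for c in clients)
               for daemons, clients in rules)


def access_granted(daemon, client_ip,
                   allow_text=HOSTS_ALLOW, deny_text=HOSTS_DENY):
    """A match in hosts.allow grants; else a match in hosts.deny refuses."""
    if _file_matches(parse_rules(allow_text), daemon, client_ip):
        return True
    if _file_matches(parse_rules(deny_text), daemon, client_ip):
        return False
    return True  # matched neither file: access is granted by default


if __name__ == "__main__":
    for ip in ("192.168.1.123", "192.168.1.124", "10.0.0.5"):
        print("sshd", ip, "granted" if access_granted("sshd", ip) else "denied")
```

The last `return True` is why the `ALL : ALL` line matters: with an empty hosts.deny, the single sshd entry in hosts.allow restricts nothing.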


