Re: hosts.allow - Re: intrusion via ssh
On Thu, 31 Mar 2005, Brad Sims wrote:
> Then what should I use for /hosts.deny /hosts.allow?
> I set it up as per the example in the manpage for hosts_access...
>
> I /do/ see your point on the only allowing sshd access though...

	/etc/hosts.deny

		ALL : ALL

	/etc/hosts.allow

		#
		# you allow only this 1 machine to ssh into your box ( this box )
		# from that box
		#
		sshd : 192.168.1.123

they can have sniffed your login and pwd but they won't be able to
get in from any machine other than a trusted/secure machine 192.168.1.123
( supposedly secure anyway )

- don't forget to restart sshd ... and also disallow remote root logins
  and the rest of the passwd vs passphrase and keys

- for using host keys files, supposedly, anybody that gets
  those key files now has access to the target box

- host key files are not always unique unless it is locally
  generated, but does not have to be generated on that machine
  ( people copy it around all the time - a bad idea )

- semi-endless of additional stuff to do or not do .. for ssh logins

c ya
alvin
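
Added example (not part of alvin's message): a small Python model of the hosts_access(5) decision order applied to the two files above, showing which daemon/client pairs get in. It handles only ALL, exact IPv4 addresses, trailing-dot prefixes and net/mask patterns; the function names are made up for this illustration.

```python
import ipaddress

# Constructed inputs: the two files as given in the message above.
HOSTS_ALLOW = """\
#
# you allow only this 1 machine to ssh into your box
#
sshd : 192.168.1.123
"""
HOSTS_DENY = "ALL : ALL\n"

def parse(text):
    """Return a list of (daemon_list, client_list) pairs, skipping comments."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = [f.strip() for f in line.split(":")]
        if len(fields) >= 2:
            rules.append((fields[0].replace(",", " ").split(),
                          fields[1].replace(",", " ").split()))
    return rules

def client_matches(pattern, addr):
    if pattern == "ALL":
        return True
    if pattern.endswith("."):      # address prefix, e.g. "192.168.1."
        return addr.startswith(pattern)
    if "/" in pattern:             # net/mask, e.g. 192.168.1.0/255.255.255.0
        net = ipaddress.ip_network(pattern, strict=False)
        return ipaddress.ip_address(addr) in net
    return pattern == addr         # exact address

def rule_matches(rules, daemon, addr):
    return any(any(d in ("ALL", daemon) for d in daemons)
               and any(client_matches(c, addr) for c in clients)
               for daemons, clients in rules)

def access(daemon, addr, allow=HOSTS_ALLOW, deny=HOSTS_DENY):
    """hosts.allow is checked first, then hosts.deny, else access is granted."""
    if rule_matches(parse(allow), daemon, addr):
        return "allow"
    if rule_matches(parse(deny), daemon, addr):
        return "deny"
    return "allow"

if __name__ == "__main__":
    for daemon, addr in [("sshd", "192.168.1.123"), ("sshd", "192.168.1.124"),
                         ("in.telnetd", "192.168.1.123")]:
        print(daemon, addr, access(daemon, addr))
```

These files only affect an sshd that is built with libwrap; upstream OpenSSH dropped that support in 6.7, and such builds ignore both files.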