Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
ssh_server_configuration [2010/07/25 23:01] henri |
ssh_server_configuration [2010/07/26 04:08] henri |
||
---|---|---|---|
Line 25: | Line 25: | ||
</file> | </file> | ||
- | An other possibility is to add the following into the /etc/pam.d/sshd file if you wish to restrict root logins only from a specific IP address, in this case 192.168.1.2. This configuration will allow other users to still login to the system from any address. | + | An other possibility is to add the following into the /etc/pam.d/sshd file if you wish to restrict root logins only from a specific IP address, in this case 192.168.1.2. If you use this approach you should test that after a restart of the system every thing is working as expected. Finally, keep in mind that managing this with PAM is potentially another complexity you are adding to your system. |
<file> | <file> | ||
Line 64: | Line 64: | ||
* [[http://chaucer.homeunix.net/pages/download.php|Great resources, including a script which will deny access to IP addresses which launch SSH attacks]]. | * [[http://chaucer.homeunix.net/pages/download.php|Great resources, including a script which will deny access to IP addresses which launch SSH attacks]]. | ||
* This kind of security system is very good. However, you must be carful to not lock yourself out from your own system. | * This kind of security system is very good. However, you must be carful to not lock yourself out from your own system. | ||
+ | * [[http://www.fedorasolved.org/post-install-solutions/securing-ssh|Fredora Securing SSH]] | ||
+ | * [[http://static.closedsrc.org/articles/dn-articles/hosts_allow.html|Limiting Access to TCP-wrapped Services with hosts.allow]] |