From owner-freebsd-questions@FreeBSD.ORG Fri Apr 18 09:13:54 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 77E03106566B for ; Fri, 18 Apr 2008 09:13:54 +0000 (UTC) (envelope-from jhary@unsane.co.uk) Received: from unsane.co.uk (unknown [IPv6:2001:470:1f08:110::2]) by mx1.freebsd.org (Postfix) with ESMTP id 71E148FC1F for ; Fri, 18 Apr 2008 09:13:53 +0000 (UTC) (envelope-from jhary@unsane.co.uk) Received: from prawn.unsane.co.uk (150.117-84-212.staticip.namesco.net [212.84.117.150]) (authenticated bits=0) by unsane.co.uk (8.14.0/8.14.0) with ESMTP id m3I9Dd4G054682 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 18 Apr 2008 10:13:40 +0100 (BST) (envelope-from jhary@unsane.co.uk) Message-ID: <4808664D.1060801@unsane.co.uk> Date: Fri, 18 Apr 2008 10:13:49 +0100 From: Vince Hoffman User-Agent: Thunderbird 2.0.0.12 (X11/20080409) MIME-Version: 1.0 To: Gilles References: <2tng04doovnmtkr7or9kfkb596fgjfoj1c@4ax.com> In-Reply-To: <2tng04doovnmtkr7or9kfkb596fgjfoj1c@4ax.com> X-Enigmail-Version: 0.95.2 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: freebsd-questions@freebsd.org Subject: Re: [SSHd] Limiting access from authorized IP's X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Apr 2008 09:13:54 -0000 Gilles wrote: > Hello > > I have a couple of questions about running SSHd: > > 1. I'd like to limit connections from the Net only from specific IP's. > It seems like there are several ways to do it (/etc/hosts.allow, > AllowHosts/AllowUsers, TCP-wrapper, port-knocking, etc.). Which would > you recommend? > I tend to use a firewall anyway so thats what works best for me, on machine that I dont firewall, /etc/hosts.allow (which is TCP-wrappers) is a good quick and easy solution. Its very much a "whatever works best for you" type question. > 2. Although it's up and running, I can't find SSHd in the list of > installed apps: > > $ which sshd > > /usr/sbin/sshd > > $ pkg_info | grep -i ssh > => Nada. How come? > ssh is part of the base system. Its also in ports so you can have a more recent version if you like or so you have have things like the ssh hpn patches (http://www.psc.edu/networking/projects/hpn-ssh/) etc etc. Vince > Thank you. > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"