Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 23 Jul 2004 14:39:37 +0200
From:      Alex de Kruijff <freebsd@akruijff.dds.nl>
To:        Graham Bentley <gbentley@uk2.net>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: Best way to limit SSH to LAN IP's only ?
Message-ID:  <20040723123936.GA795@alex.lan>
In-Reply-To: <3.0.6.32.20040723132012.007d8e50@mail.uk2.net>
References:  <20040723120102.009B116A4DF@hub.freebsd.org> <3.0.6.32.20040723132012.007d8e50@mail.uk2.net>

next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Jul 23, 2004 at 01:20:12PM +0100, Graham Bentley wrote:
> 
> Hi All,
> 
> Wondered what is the best way to do this ?
> 
> Do I have to get involved with host.allow / deny
> or better to use the sshd config ?

Hi,

The hosts.allow states:
# Wrapping sshd(8) is not normally a good idea, but if you
# need to do it, here's how
#sshd : .evil.cracker.example.com : deny

Another way would be to implement this behavure with a firewall like
ipfw or ipf.

-- 
Alex

Articles based on solutions that I use:
http://www.kruijff.org/alex/FreeBSD/



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040723123936.GA795>