Date: Sun, 26 Mar 2006 14:07:34 -0600 From: "Kelly D. Grills" <kdgrills@the-grills.com> To: freebsd-questions@freebsd.org Subject: Re: Tightening up ssh Message-ID: <20060326200733.GF752@the-grills.com> In-Reply-To: <4426F0EB.5040109@shaw.ca> References: <4426F0EB.5040109@shaw.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
--KlAEzMkarCnErv5Q Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Mar 26, 2006 at 11:52:11AM -0800, Graham North wrote: >=20 > Does this mean that there is a way to run ssh, but only allow certain use= rs=20 > to use it. My default seems to have been that if someone has a username= =20 > and password they can access ssh (except root as "PermitRootLogin no" is= =20 > the default). The ssh port seems to be the most heavily attacked one on= =20 > my machine and so I recently took to blocking port 22. My preference=20 > would be to enable it to only one user and give them an obscure username= =20 > and strong password. Root is not currently allowed access by default in= =20 > the setup. >=20 > Is this the approach that you alluded to above? Can you point me to som= e=20 > information or provide some tips. > Thanks, Graham/ >=20 See SSHD_CONFIG(5), specifically the AllowUsers keyword. --=20 Kelly D. Grills kdgrills@the-grills.com --KlAEzMkarCnErv5Q Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) Comment: PGP key: mailto:kdgrills-pgpkey@the-grills.com iD8DBQFEJvSE7inS5LzF7HMRAh+HAJ9gJNhyFvyGxrG5sn2WEaFF1Z94/gCfVZEf mOrvWZO75EVQb0GoMJH5Mi4= =cSdK -----END PGP SIGNATURE----- --KlAEzMkarCnErv5Q--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060326200733.GF752>