[TriLUG] Limit ssh access
Kevin Hunter
khunter at rhoworld.com
Tue Jan 22 09:20:17 EST 2002
I'm seeing a lot of conflicting tips on the net on how to limit who
can ssh into my linux ( RH 7.2 ) box. Maybe it's my general level of
inexperience, but there doesn't seem t/b a consensus on this. I've
read that I should use tcp_wrapper, and that I cannot use tcp_wrapper
( I start sshd through a rc.d script, not from inetd/xinetd ). I've
seen reference to use "AllowGroups/AllowUsers" in the sshd_config
file and I've seen comments that you can't use this w/ any version of
openssh after 1.2 ( I have openssh 2.9p2-7 ).
I would greatly appreciate a recommendation from one of the seasoned
professionals on this list.
Does tcp_wrapper only work w/ daemons started w/in the inetd/xinetd
framework, or will it work w/ other tcp services started from
/etc/rc.d/init.d/ ??
Thx!!
KH
More information about the TriLUG
mailing list