[TriLUG] Questions on SSH
Roy Vestal
rvestal at trilug.org
Mon Dec 2 16:14:11 EST 2002
I want to lock out all machines at domain.org except machine1.domain.org,
machine2.domain.org, etc.
So i'm assuming based on what you have here is to put the following in
hosts.deny and leave hosts.allow blank?:
ALL: ALL EXCEPT machine1.domain.org, machine2.domain.org
???
----- Original Message -----
From: "Scott Stancil" <sstancil at geekrooms.com>
To: <trilug at trilug.org>
Sent: Monday, December 02, 2002 2:35 PM
Subject: Re: [TriLUG] Questions on SSH
>
> > I have a security question. I have a linux box that I only want certain
> > folks to get to. Yes, ssh is installed. My question is on the
> > hosts.allow, hosts.deny files.
> >
> > I've been trying to figure out the setup. What I want to do is set
> > ALL:ALL in hosts.deny and only allow certain machines to connect with
> > the ability to do "all".
> >
> > Here's what I have in hosts.allow so far:
> >
> > ALL: machine1.domain.org, machine2.domain.org
> >
> > Do I need the full resolved name? Is this the best way of setting this
> > up?
>
>
> ALL: .domain.org EXCEPT machine42.domain.org
>
> or
>
> ALL: 192.168.1.0/255.255.255.0
>
> I think either of these examples should work for what you are trying to
> do...depends on how you can group them.
>
>
> --
> Scott Stancil
> sstancil at geekrooms.com
>
>
>
> _______________________________________________
> TriLUG mailing list
> http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ:
> http://www.trilug.org/~lovelace/faq/TriLUG-faq.html
>
>
More information about the TriLUG
mailing list