We want to block all access to SSH, except for two IP addresses. One address is dynamic, it starts with 124.567.890.xxx where xxx is changing all the time. I read that you can do this by changing /etc/hosts.allow? How can we do this?
Asked
Active
Viewed 7,749 times
1 Answers
5
This should be as trivial as
sshd : 124.567.890. : allow
Sergei
- 1,216
- 16
- 24
-
Thanks, and multiple addresses? – Kevin Dec 31 '11 at 10:14
-
1Nvm, found it: sshd: `83.83.83.83 127.0.0.1 83.83.83.84 192.168.1.1` – Kevin Dec 31 '11 at 10:18
-
1In /etc/hosts.deny, you'll need to put in "sshd: ALL", so your combined rule will be deny all, allow X. – cjc Dec 31 '11 at 10:29
-
Thanks, and how can I test the security? We only have one IP address right here. – Kevin Dec 31 '11 at 10:33
-
Is this relevant to your question? http://serverfault.com/questions/185153/free-public-ssh-server-for-testing-purposes – Sergei Dec 31 '11 at 10:52