Can we use black list/whitelist feature? -Garima Jain On Jun 20, 2016 10:12 PM, "elijah baley" <[email protected]> wrote:
> There are many options - depending on the actual setup: > - You can move SSHD to a non-standard port on all interfaces - easy to do > when setting up the server - just call "setPort" on the SshServer instance- > You can bind SSHD to a specific interface (e.g., 127.0.0.1)om port 22 and > bind SFTP to the public interface on port 22 - easy to do just call > "setAddress" (or something to that effect) on the SshServer instance > I could think of more exotic options - e.g. similar to sslh, using > HAPROXY, etc., etc. > > From: [email protected] > > Date: Mon, 20 Jun 2016 12:10:26 +0530 > > Subject: Re: Partial Disabling of port 22 using apache-mina SSHD > > To: [email protected] > > > > Hi elijah, > > > > The requirement is to block port 22 for SSH and accept SFTP connections > on > > Port 22. Is there a class/method that can help us achieve the aim? > > > > -Garima Jain. > > > > On Fri, Jun 17, 2016 at 3:27 PM, elijah baley <[email protected]> > wrote: > > > > > Is there some reason your code cannot examine the incoming client > address > > > and reject it if it does not match some specified criteria (e.g., mask, > > > network, closed group of IPs - whatever...) ? > > > > > > > From: [email protected] > > > > Date: Fri, 17 Jun 2016 14:50:51 +0530 > > > > Subject: Partial Disabling of port 22 using apache-mina SSHD > > > > To: [email protected] > > > > > > > > Hi, > > > > > > > > > > > > > > > > We are using com.springsource.org.apache.mina-1.0.2.jar in our > product. > > > > The requirement is to disable port 22 for all incoming traffic over > SSH > > > but > > > > the same port is required to communicate with few IP’s over 22. Is > there > > > a > > > > way to handle selective port blocking? > > > > > > > > > > > > -Garima Jain. > > > > > > >
