On Fri, Jul 23, 2004 at 01:20:12PM +0100, Graham Bentley wrote:
Wondered what is the best way to do this ?
Do I have to get involved with host.allow / deny or better to use the sshd config ?
The hosts.allow states: # Wrapping sshd(8) is not normally a good idea, but if you # need to do it, here's how #sshd : .evil.cracker.example.com : deny
Another way would be to implement this behavure with a firewall like ipfw or ipf.
/etc/ssh/sshd_config is also an option. From man sshd_config:
Specifies the local addresses sshd should listen on. The follow-
ing forms may be used:
ListenAddress host|IPv4_addr|IPv6_addr ListenAddress host|IPv4_addr:port ListenAddress [host|IPv6_addr]:port
If port is not specified, sshd will listen on the address and all
prior Port options specified. The default is to listen on all
local addresses. Multiple ListenAddress options are permitted.
Additionally, any Port options must precede this option for non
port qualified addresses.
Peter. _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"