nader napisal(a): > > i want to restrict ssh access to an ipfiltered host > in a fixed IP network. > But i want to ssh to this host from home (DHCP). > I thought about allowing ssh access from a host with > my MAC address. Is it possible to do with ipfilter? > Does anyone hast another idea?
It's not possible to filter by MAC address, since MAC addresses aren't transfered outside the local network. If you are connecting from a remote site, the only thing you know is an IP and domain address. Probably you can get a fixed domain address by using dynDNS services like www.no-ip.com, but I don't know if it is possible for ipfilter to filter by domain address and not by IP address. However, you can filter by domain address in the ssh daemon itself (/etc/ssh/sshd_config file), at least in OpenSSH. Other possibility: since you are connecting from home, your IP address is likely to change within a relatively small range, assigned by your ISP to it's customer lines. Isn't it acceptable for you to allow connections from that entire range? Regards, Jaroslaw Rafa [EMAIL PROTECTED] -- Spam, wirusy, spyware... masz dość? Jest alternatywa! http://www.firefox.pl/ --- http://www.thunderbird.pl/ Szybciej. Łatwiej. Bezpieczniej. Internet tak jak lubisz.
