holger glaess wrote:
hi
i hope this list is the right one for my question .
i look for an funktion to limit the login by name AND ip range.
example.
root login ALLOW from www.xxx.yyy.zzz
deny from all
myname login ALLOW from all
deny from www.xxx.yyy.zzz
if there exist an feature / funktion of sshd to do this or i need an additional
software ?
i diden4t wan4t to start an diskussion about security and why i have permit to
login as root.
holger
I think this request looks kinda silly....
use pf
block quick log on $ext_if proto { tcp udp } from <bad_people> to any
to keep out those you don't want on that you know you don't want on.
Require certs with passwords, no tunneled plaintext passwords.
You don't HAVE to allow root logins, make people login as themselves and
su, or better sudo.