Hi I want to be able to permit ssh access to servers over the internet in a way that limits that access to specific hardware (i.e. laptops with known hardware configurations and devices). So I am looking for some additional layer of security on top of the normal private key & certificate system in a way that would enable me to configure a pf rule that would, as an addition to other rules, only pass external connections to ssh port from external systems having the correct hardware/device specifications.
One way of doing this might be to filter looking for a packet containing the required information in encrypted form. If the data is valid then the originating IP address might (for example) be added for a limited time to a pass rule which would then enable the system to connect to the ssh port to login. Is this achievable? David _______________________________________________ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
