[Bug 1698317] Re: AllowUsers *@*.local in /etc/ssh/sshd_config does not work
If you want to block access to the local LAN only, then that is correct. My best suggestion would be to secure your SSH and thus not worry so much if it's accessed by some other host on the network. If you restrict it to one user, have a very secure password and/or SSH key only then your attack surface is relatively limited. But that's a personal choice ultimately. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1698317 Title: AllowUsers *@*.local in /etc/ssh/sshd_config does not work To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/avahi/+bug/1698317/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1698317] Re: AllowUsers *@*.local in /etc/ssh/sshd_config does not work
Thanks for that. Disappointing. Presumably means that every time I take my server laptop to a new WiFi network I will have to alter /etc/ssh/sshd_config. I am currently using AllowUsers *@192.168.0.??? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1698317 Title: AllowUsers *@*.local in /etc/ssh/sshd_config does not work To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/avahi/+bug/1698317/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1698317] Re: AllowUsers *@*.local in /etc/ssh/sshd_config does not work
Likely the reason this doesn't work, is because nss-mdns does not resolve reverse DNS for IP addresses other than the link local range (169.254.0.0/16). This is by design and per-spec. So this will never work, you'll need to look at either: (1) using the IP address range (according to the sshd_config man page you can use a CIDR range), or (2) setting up a local real DNS zone synchronised with your DHCP server so that it sets up something like hostname.lan with matching reverse DNS. ** Changed in: openssh (Ubuntu) Status: New => Invalid ** Changed in: avahi (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1698317 Title: AllowUsers *@*.local in /etc/ssh/sshd_config does not work To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/avahi/+bug/1698317/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1698317] Re: AllowUsers *@*.local in /etc/ssh/sshd_config does not work
** Also affects: openssh (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1698317 Title: AllowUsers *@*.local in /etc/ssh/sshd_config does not work To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/avahi/+bug/1698317/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs