[Lilux-help] Help with nmap (and ssh)
Lionel Elie Mamane
lionel at mamane.lu
Tue Jan 27 21:37:10 CET 2004
On Tue, Jan 27, 2004 at 08:27:17PM +0100, Serge Marelli wrote:
> About ssh, is there a way how I can set up some identification so
> that only specific remote users or users from specific hosts may
> connect to my system through ssh?
In /etc/ssh/sshd_config
AllowGroups
AllowUsers
DenyGroups
DenyUsers
This is about local users, not remote users, but I guess that this is
what you meant. Restricting by remote user is "obviously impossible"
in the general case.
To do limitation based on host, if ssh uses tcpwrappers you can use
/etc/hosts.{allow,deny} as Eric said, else use iptables (ipchains if
you are using Linux 2.2).
> Would "anyone" be able to connect (assuming s/he
> knows a username & password on my system)?
If that username is allowed to connect by SSH, yes.
--
Lionel
More information about the Lilux-help
mailing list