Hello! >-----Original Message----- >From: Anne Carasik [mailto:[EMAIL PROTECTED] >Sent: Monday, July 07, 2003 5:05 PM >To: [EMAIL PROTECTED] >Cc: [EMAIL PROTECTED] >Subject: Re: configure ssh-access > > >Why not just limit the access through SSH public key? >It sounds like that would accomplish what you're trying >to do.
I think this problem should not be solved with configuring sshd. I solved it with iptables script which resolv my dynamic host every 5mins, and then reload the firewall if needed. A ssh solution has the disadvantage that if it is buggy, a sshd config change might not save your box from unallowed access. That is my i block my ssh daemon, cause the posibility is there that there might be a ssh exploit soon ;) In my eyes a combination of a sshd config solution and a iptables rule would properly do its joy quite safely. Yours, Mario > >-Anne > >[EMAIL PROTECTED] grabbed a keyboard and typed... >> Hi! >> >> I want to make ssh-access possible only from a restricted >> number of hosts - those that are named in /etc/hosts.allow. >> Users who want to login have a DynDNS host-name that shall >> be listed in hosts.allow to make it possible for users with >> a dial-up internet connection, too. >> >> BUT: >> The problem is that I can only login to the ssh-machine >> when I enter the IP-address to the hosts.allow file. >> Specifying the hosts DNS-name does not work! >> >> AND: >> I'd prefer to specify the rules for loggin into the machine >> in the sshd_config-file, not in hosts.allow/deny. >> But the AllowHosts/DenyHosts-options that could be used in >> /etc/sshd_config earlier seem to be not any >> longer available at the SSH-version I'm using. >> It's: openssh-3.4p1-80 on a SuSE 8.1 >> >> Has anybody ideas in this 2 problems? >> >> thx in advance, >> Klaus >> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]