On Tue, Jul 25, 2006 at 04:42:07PM +1000, Martin Pool wrote: > On 25 Jul 2006, DaZZa <[EMAIL PROTECTED]> wrote: > > As I understand it, you can either enter IP addresses or hosts into > > hosts.allow to access services {I've got ALL:ALL in hosts.deny} > > > > So > > > > sshd:203.1.1.1 > > You can also restrict it in sshd.config > > AllowUsers [EMAIL PROTECTED] [EMAIL PROTECTED] > > which might be simpler
Yes, definitely worth mentioning as you can restrict to certain users. To me /etc/hosts.allow is easier as it includes all services. And it protects you from vulnerability bugs in sshd to an extent. Matt -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html