On Tue, Jul 25, 2006 at 04:42:07PM +1000, Martin Pool wrote:
> On 25 Jul 2006, DaZZa <[EMAIL PROTECTED]> wrote:
> > As I understand it, you can either enter IP addresses or hosts into
> > hosts.allow to access services {I've got ALL:ALL in hosts.deny}
> >
> > So
> >
> > sshd:203.1.1.1
>
> You can also restrict it in sshd.config
>
> AllowUsers [EMAIL PROTECTED] [EMAIL PROTECTED]
>
> which might be simpler
Yes, definitely worth mentioning as you can restrict to
certain users.
To me /etc/hosts.allow is easier as it includes all services.
And it protects you from vulnerability bugs in sshd to an extent.
Matt
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
