Auctally ssh has wrapers built into it that work much better then tcpd.
Checkout the AllowUsers and AllowHosts in the documentation of ssh.
I also recently wrote a patch that extends the function of the ssh wrapers
for version 1.2.27, if your intrested it and the readme can be found on
www.sonn.com/~gersh/ssh
Gerry Bash [Gersh | cruid @ EFnet.irc] - Unix Security Admin
"\xeb\x03\x5f\xeb\x05\xe8\xf8\xff\xff\xff\x31\xd2\xb2\x0a\x31\xc9"
"\xb1\x1a\x01\xf9\x31\xdb\xb3\x01\x31\xc0\xb0\x04\xcd\x80\x31\xc0"
"\xb0\x01\xcd\x80\x44\x4f\x4f\x54\x20\x44\x4f\x4f\x54\x0a\x00";
On Thu, 14 Oct 1999, Anthony T Moran wrote:
>
>
> You said:
>
> >
> > Hello,
> >
> > Do you kmown if there is a way to limite the access to a machine? There is
> > a way to configure which users can access a machine using ssh?
> >
> > Thanks in advance,
>
> Hi.
>
> Best way to do this is to use TCP Wrappers.
> ftp://ftp.porcupine.org/pub/security/index.html
>
> Unfortunately, you need to afair, need to compile this into ssh (?)
> See the FAQ's etc.
>
> In any case though, if you have felt it necessary to use ssh in the first
> place, then you definitely should use TCP Wrappers to limit and
> monitor access to services on your machine/s as well. Good thing about
> using ssh with TCP Wrappers is that it provides some basic logging of
> incoming ssh usage on your machine, unless you are using the commercial
> version of ssh which does that for you.
>
> Have fun, Tony
>
>
>
>
>
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> "He who will not reason is a bigot; he who cannot is a fool;
> and he who dares not is a slave." - Sir William Drummond
>
> We don't inherit the Earth from our ancestors, we borrow it from our kids
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
>
>
>
