675,865 reviews,
402 today

hav0c · 04-03-2004, 08:22 AM

Ok i'm trying to have my system reject all connections to SSHD except from 3 IP address(2 are lan IPs). I'm using FreeBSD and it only has a hosts.allow ( it said hosts.deny is deprecated and only to use hosts.allow). Ok so here is what I have in my hosts.allow for sshd.

# sshd server
sshd : 192.168.1.1 : allow
sshd : 192.168.1.2 : allow
sshd : 192.1.xx.xx : allow
sshd : ALL : deny

Ok the last IP address that i'm wanting to allow is from my shell provider. Even after these rules are in place I can still ssh to my box from any IP. I might be doing something worng? Can anyone help?

crouse · 04-03-2004, 11:20 AM

Your hosts.deny should have a single line that says:

ALL:ALL

Your hosts.allow should have a line for each host you want to allow:

# sshd server
sshd : 192.168.1.1 : allow
sshd : 192.168.1.2 : allow
sshd : 192.1.xx.xx : allow

675,865 reviews, 402 today

675,865 reviews,
402 today