NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
SSH restricted access based on IP
Hi, Since my router firewall isn't working properly I'm wondering right now what would be best method to restrict SSH access based on IP address. Right now I have one user who is authenticating wi...
I would go for the hosts.allow/hosts.deny approach for it is the easiest to remove again later and it works like a charm. As to your question (emphasis by me):
So your example would work, you may want to change the "ALL" into "PARANOID" in the hosts.deny for added security ;)
-Stefan
ACCESS CONTROL FILES
The access control software consults two files. The search stops at the first match:
o Access will be granted when a (daemon,client) pair matches an entry in the /etc/hosts.allow file.
o Otherwise, access will be denied when a (daemon,client) pair matches an entry in the
/etc/hosts.deny file.
o Otherwise, access will be granted.
A non-existing access control file is treated as if it were an empty file. Thus, access control can be
turned off by providing no access control files.
So your example would work, you may want to change the "ALL" into "PARANOID" in the hosts.deny for added security ;)
-Stefan
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
