[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] safety with scp



Ralf Ronneburger wrote:

piet wrote:

Good morning group,

I want to access my server(home based SuSE-box) through the Internet
so I can upload images with winscp from my XP-laptop.
Is it safe to just open port 22 for the external world,
or do I need extra safety measures?
regards,
piet

Hi Piet,

also take a look at scponly and use this as a shell for your
upload-user. It locks the remote user into a chroot-environment, so the
damage that the remote-user can do is limited.

Greetings,

Ralf

Also do this:
1: Configure tcp wrappers to limit access to only neccessary networks / IP's. 2: Use iptables ( yast2 firewall configurator works fine ) to limit access to only neccessary networks / IP's.

--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here