[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [suse-security] SSH password attacks
Carl A. Schreiber wrote:
a question about a (SuSE)Firewall-Login:
Is there a possibility (most probably) to restrict the ssh-access (user and
root) to the firewall to certain (local) networks like 10.10.10.*?
Am I on the right way that I must change
Here I should change
(with this only from the 10.10.10.0 net a user can login,
root login is denied anyway)
But _only_ this?
For me there is no need to protect from 'inside' as it is only me.
What exactly are you trying to accomplish?
If you want to only allow SSH from the internal network, including root,
use the rollowing in sshd_config:
ListenAddress 10.10.10.5 (or whatever the IP of the server is)
This will prevent anyone from connecting to ssh from the external
network, and allow even root to login from internal. In general, this
is not desirable, but if it's what you want, that's how you do it.
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here