  1. #1
    Just Joined!
    Join Date
    Feb 2012
    Posts
    1

    hosts.allow vs hosts.deny


    I have SSH connection only for specific IPs allowed at the router, i.e. all requests for port 22 are blocked except 2 custom services on the router allow SSH from my home and a software vendor's office. Both addresses are in hosts.allow for sshd. If one of these addresses were in hosts.deny, which file would control access?

  2. #2
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    I believe allow is read before deny. You should be able to google this.
    I prefer to use iptables for this.

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted

  3. #3
    Linux Engineer Kloschüssel's Avatar
    Join Date
    Oct 2005
    Location
    Italy
    Posts
    773
    I generally dislike those setups. If - by any chance - IP addresses change (new ISP?) and somebody forgets to update the configuration (or notices the change later or is informed by the ISP too late or simply forgets that specific host) you have successfully firewalled yourself out of your administrator domain.

    There is at least one smarter way to secure ssh against brute-force attacks that I know about: fail2ban

    It will monitor the ssh logfiles for failed login attempts and after hitting a threshold (i.e. 3 times) it will firewall the source for 15 minutes.

    Of course that helps only if you use one superstrong credential that can't be guessed and multiple ssh keys (my favorite) for employees that shouldn't know the superstrong master credential (and of course are not allowed to change it).

    Cheers
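
The precedence question from post #1, as an added example that is not part of the original thread: a simplified Python model of the decision order documented in hosts_access(5), where hosts.allow is consulted first and a match there grants access before hosts.deny is read. The file contents and addresses are constructed (documentation ranges), the function names are hypothetical, and only `ALL`, exact addresses and trailing-dot prefixes are modelled.

```python
# Simplified model of the TCP Wrappers decision order in hosts_access(5).
# Modelled patterns: ALL, an exact value, or a prefix ending in "."
# (e.g. "192.0.2."). EXCEPT, netmasks, hostnames and options are not modelled.

def parse_rules(text):
    """Return [(daemons, clients), ...] from hosts.allow / hosts.deny text."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("#") or ":" not in line:
            continue  # comment, blank or malformed line
        fields = line.split(":")
        daemons = fields[0].replace(",", " ").split()
        clients = fields[1].replace(",", " ").split()
        rules.append((daemons, clients))
    return rules

def _match(pattern, value):
    if pattern == "ALL":
        return True
    if pattern.endswith("."):
        return value.startswith(pattern)
    return pattern == value

def any_rule_matches(rules, daemon, client):
    return any(
        any(_match(d, daemon) for d in ds) and any(_match(c, client) for c in cs)
        for ds, cs in rules
    )

def access(allow_text, deny_text, daemon, client):
    """1) match in hosts.allow -> granted, hosts.deny is not consulted;
    2) otherwise match in hosts.deny -> denied; 3) otherwise granted."""
    if any_rule_matches(parse_rules(allow_text), daemon, client):
        return "granted (hosts.allow)"
    if any_rule_matches(parse_rules(deny_text), daemon, client):
        return "denied (hosts.deny)"
    return "granted (no match)"

# Constructed sample files: one address appears in both, as in the question.
HOSTS_ALLOW = "# home, vendor office\nsshd: 203.0.113.10, 198.51.100.25\n"
HOSTS_DENY = "sshd: 203.0.113.10\nALL: ALL\n"

if __name__ == "__main__":
    for ip in ("203.0.113.10", "198.51.100.25", "192.0.2.77"):
        print(ip, "->", access(HOSTS_ALLOW, HOSTS_DENY, "sshd", ip))
```

The third branch is the one that surprises people: with an empty or missing hosts.deny, any client not listed in hosts.allow is still granted, which is why a catch-all `ALL: ALL` in hosts.deny is the usual companion to an allow list.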
