Mailinglist Archive: opensuse (4634 mails)

< Previous Next >
Re: [opensuse] block failed ssh login attacks? (like fail2ban on ubuntu)
  • From: Per Jessen <per@xxxxxxxxxxxx>
  • Date: Wed, 20 Dec 2006 08:41:07 +0100
  • Message-id: <emapej$n31$1@xxxxxxxxxxxxxxxx>
Patrick Shanahan wrote:

> * J Sloan <joe@xxxxxxxxxx> [12-19-06 21:06]:
>> hmm, I always limit the allowed IPs in hosts.{deny.allow} and also
>> limit the list of users who can login via ssh in sshd_config - saves
>> a lot of overhead if we just close the door, rather than trying to
>> dance with these folks...
>
>
> Yes, best practice but not practical if you run a server for public
> access. Or is there a way to *only* block ssh access and allow http?

By IP-address with hosts.deny/allow ? Sure. See "man 5 hosts_access".



/Per Jessen, Zürich

--
http://www.spamchek.com/ - managed email security.
Starting at SFr4/user/month.

--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

< Previous Next >