Mailinglist Archive: opensuse-security (757 mails)

< Previous Next >
Re: [suse-security] ssh
  • From: Armin Schöch <schoech@xxxxxxxxxxxx>
  • Date: Sun, 20 Jan 2002 23:55:01 +0000 (GMT)
  • Message-id: <Pine.LNX.4.33.0201202351250.20184-100000@xxxxxxxxxxxxxxxxxxxxx>
Hello Guido !

> I just have installed SuSEfirewall2 from SuSE 7.3.
> For logging in from a foreign host I've opened the port 22 for connections
> via ssh. At the moment I can log in via SSH from all hosts. In which file can
> I define that login is only allowed from one single host?

The file you are looking for is /etc/hosts.allow
You should put a line like this in:
sshd: your.ip.goes.here hostname.domain

And a line in /etc/hosts.deny:
sshd: ALL

This prevents the SSH daemon to connect with other hosts. I have not
used SuSEfirewall yet so I can't tell you how you can do it with the
firewall. I think you should study the comments in the firewall
configuration file
rc.firewall.config (or something like this).

HTH,
Armin

----------------------------------------------
at the office: Institut für Atmosphärenphysik
Schlossstraße 6
D-18225 Kühlungsborn
Tel. +49-(0)38293-68-102


< Previous Next >
References