[wellylug] Securing my ssh box

Jim Cheetham jim at gonzul.net
Wed Aug 23 12:08:47 NZST 2006


On Wed, Aug 23, 2006 at 10:25:18AM +1200, David Antliff wrote:
> On Wed, 23 Aug 2006, Jethro Carr wrote:
> >If you connect to the web via a static IP, you should consider setting
> >the server to only permit that IP, and to drop traffic from all other
> >IPs to SSH. This is one of the easiest and more reliable security
> >changes you can make.
> 
> This is fairly straightforward to do with a firewall, however I was 
> wondering it there's a way to do this just with /etc/ssh/sshd_config?

Depending on build parameters, sshd probably honours tcpwrappers files;
slightly less nasty than firewall rule changes

-jim




More information about the wellylug mailing list