From owner-freebsd-questions@FreeBSD.ORG Fri Apr 18 16:33:46 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 004991065670 for ; Fri, 18 Apr 2008 16:33:45 +0000 (UTC) (envelope-from freebsd-questions@m.gmane.org) Received: from ciao.gmane.org (main.gmane.org [80.91.229.2]) by mx1.freebsd.org (Postfix) with ESMTP id AC90E8FC15 for ; Fri, 18 Apr 2008 16:33:45 +0000 (UTC) (envelope-from freebsd-questions@m.gmane.org) Received: from list by ciao.gmane.org with local (Exim 4.43) id 1JmtWy-0002nl-3M for freebsd-questions@freebsd.org; Fri, 18 Apr 2008 16:33:44 +0000 Received: from mar92-9-82-237-75-54.fbx.proxad.net ([82.237.75.54]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Fri, 18 Apr 2008 16:33:44 +0000 Received: from gilles.ganault by mar92-9-82-237-75-54.fbx.proxad.net with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Fri, 18 Apr 2008 16:33:44 +0000 X-Injected-Via-Gmane: http://gmane.org/ To: freebsd-questions@freebsd.org From: Gilles Date: Fri, 18 Apr 2008 18:33:35 +0200 Lines: 18 Message-ID: References: <2tng04doovnmtkr7or9kfkb596fgjfoj1c@4ax.com> <48086425.5080608@wire-consulting.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: mar92-9-82-237-75-54.fbx.proxad.net X-Newsreader: Forte Agent 3.1/32.783 Sender: news Subject: Re: [SSHd] Limiting access from authorized IP's X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Apr 2008 16:33:46 -0000 On Fri, 18 Apr 2008 10:04:37 +0100, FreeBSD - Wire Consulting wrote: >sshd(8) is part of the base system, which is a FreeBSD patched version of >OpenSSH. Although, you can find some ports of bulk OpenSSH in >/usr/ports/security. I don't have a firewall on that host because there's already a NAT router connecting the LAN to the Net. I'll just add the following to /etc/ssh/sshd_config, and restart the service: AllowHosts 192.168.0 82.x.x.x BTW, is the SSHd that comes with the system good enough, or should I upgrade to what's in /usr/ports/security/ssh2? Thanks