From owner-freebsd-questions Sat Nov 9 11:58: 5 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 95EC837B401 for ; Sat, 9 Nov 2002 11:58:04 -0800 (PST) Received: from madscience.volumen.net (hickey51.micro-mania.net [208.32.118.51]) by mx1.FreeBSD.org (Postfix) with ESMTP id C3B4543E75 for ; Sat, 9 Nov 2002 11:58:03 -0800 (PST) (envelope-from shane@howsyournetwork.com) Received: from devo.volumen.net (devo.volumen.net [10.252.238.69]) by madscience.volumen.net (8.11.6/8.11.6) with ESMTP id gA9Jw3n01971 for ; Sat, 9 Nov 2002 12:58:03 -0700 Subject: ssh with pam_access? From: Shane Hickey To: freebsd-questions@freebsd.org Content-Type: text/plain Content-Transfer-Encoding: 7bit X-Mailer: Ximian Evolution 1.0.8 (1.0.8-10) Date: 09 Nov 2002 12:58:03 -0700 Message-Id: <1036871883.14532.60.camel@devo.volumen.net> Mime-Version: 1.0 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG First, lemme say that I foolishly asked this in freebsd-newbies (because I'm a freebsd newbie) but it turns out that it was the wrong forum. Anyway, what are people using to only allow ssh from certain addressees? I'm a recent FreeBSD convert, from Linux. In linuxland I used both iptables and then I would edit /etc/pam.d/sshd and add this line account required /lib/security/pam_access.so to enable the pam module that allowed me to specify hosts/networks in /etc/security/access.conf. I'd rather not do tcp wrappers. Is there an equivalent way to do this with pam in FreeBSD? I know about ipfilter and I'll be doing that, I just like to have another layer. Thanks, Shane To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message