Date: Sun, 26 Mar 2006 14:07:34 -0600 From: "Kelly D. Grills" <kdgrills@the-grills.com> To: freebsd-questions@freebsd.org Subject: Re: Tightening up ssh Message-ID: <20060326200733.GF752@the-grills.com> In-Reply-To: <4426F0EB.5040109@shaw.ca> References: <4426F0EB.5040109@shaw.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] On Sun, Mar 26, 2006 at 11:52:11AM -0800, Graham North wrote: > > Does this mean that there is a way to run ssh, but only allow certain users > to use it. My default seems to have been that if someone has a username > and password they can access ssh (except root as "PermitRootLogin no" is > the default). The ssh port seems to be the most heavily attacked one on > my machine and so I recently took to blocking port 22. My preference > would be to enable it to only one user and give them an obscure username > and strong password. Root is not currently allowed access by default in > the setup. > > Is this the approach that you alluded to above? Can you point me to some > information or provide some tips. > Thanks, Graham/ > See SSHD_CONFIG(5), specifically the AllowUsers keyword. -- Kelly D. Grills kdgrills@the-grills.com [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) Comment: PGP key: mailto:kdgrills-pgpkey@the-grills.com iD8DBQFEJvSE7inS5LzF7HMRAh+HAJ9gJNhyFvyGxrG5sn2WEaFF1Z94/gCfVZEf mOrvWZO75EVQb0GoMJH5Mi4= =cSdK -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060326200733.GF752>