From owner-freebsd-questions@FreeBSD.ORG  Mon Feb  6 17:18:07 2006
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 7907016A420
	for <freebsd-questions@freebsd.org>;
	Mon,  6 Feb 2006 17:18:07 +0000 (GMT) (envelope-from albi@scii.nl)
Received: from post-23.mail.nl.demon.net (post-23.mail.nl.demon.net
	[194.159.73.193])
	by mx1.FreeBSD.org (Postfix) with ESMTP id E8E2B43D55
	for <freebsd-questions@freebsd.org>;
	Mon,  6 Feb 2006 17:18:06 +0000 (GMT) (envelope-from albi@scii.nl)
Received: from aseed.demon.nl ([83.160.138.119]:9902 helo=assata.aseed.net)
	by post-23.mail.nl.demon.net with esmtp (Exim 4.51)
	id 1F6A03-0008Hy-8M; Mon, 06 Feb 2006 17:18:03 +0000
Received: from http.aseed.antenna.nl (unknown [192.168.0.50])
	by assata.aseed.net (Postfix) with ESMTP id 07BDE2A0755;
	Mon,  6 Feb 2006 18:23:57 +0100 (CET)
Received: from localhost.localdomain (217-19-30-147.dsl.cambrium.nl
	[217.19.30.147])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by http.aseed.antenna.nl (Postfix) with ESMTP id 45B7558C6BE;
	Mon,  6 Feb 2006 18:22:51 +0100 (CET)
Date: Mon, 6 Feb 2006 18:17:56 +0100
From: albi <albi@scii.nl>
To: Kevin Kinsey <kdk@daleco.biz>
Message-Id: <20060206181756.45bbf665.albi@scii.nl>
In-Reply-To: <43E7816B.7040300@daleco.biz>
References: <20060206162304.GA83056@gilmer.org> <43E7816B.7040300@daleco.biz>
X-Mailer: Sylpheed version 2.1.1 (GTK+ 2.8.6; i486-pc-linux-gnu)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Cc: bgilmer@gilmer.org, freebsd-questions@freebsd.org
Subject: Re: sshd possible breakin attempt messages
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Feb 2006 17:18:07 -0000

On Mon, 06 Feb 2006 11:03:39 -0600
Kevin Kinsey <kdk@daleco.biz> wrote:

>      1.  edit /etc/ssh/sshd_config and make sure that only the right
> users and such are allowed to login, and via the right methods.
> 
>      2.  If the situation allows, you can wrap sshd
> via /etc/hosts.allow to only allow logins from certain IP addresses
> (i.e., wherever you intend to admin this box from).

you can also do this in /etc/ssh/sshd_config like for example : 

AllowUsers jane@10.1.1.1 joe@192.168.0.254 mary@194.109.9.*

-- 
grtjs, albi
gpg-key: lynx -dump http://scii.nl/~albi/gpg.asc | gpg --import