Date: Tue, 7 Mar 2000 18:57:25 -0800 (PST) From: Kris Kennaway <kris@hub.freebsd.org> To: Randy Bush <randy@psg.com> Cc: Alex Michlin <alex@delete.org>, freebsd-security@freebsd.org Subject: Re: Host Secured Logon Message-ID: <Pine.BSF.4.21.0003071857040.8920-100000@hub.freebsd.org> In-Reply-To: <E12SQza-0000iQ-00@roam.psg.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 7 Mar 2000, Randy Bush wrote:
> > Is there an easy way to secure shell accounts with the hostname of the
> > user (ie, only someone from *.anyisp.com can logon to shell1, and
> > *.myisp.com can logon to any shell)?
>
> i am not advocating doing this, as dns based security is weak, but use tcpd
> aka log_tcp and restrict the hosts in /usr/local/etc/hosts.allow.
Or you could use tcpd and restrict on source IP addresses, rather than
insecure DNS addresses.
Kris
----
In God we Trust -- all others must submit an X.509 certificate.
-- Charles Forsythe <forsythe@alum.mit.edu>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0003071857040.8920-100000>