From owner-freebsd-newbies  Fri Nov  8 16:21:42 2002
Delivered-To: freebsd-newbies@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id A060937B401
	for <freebsd-newbies@freebsd.org>; Fri,  8 Nov 2002 16:21:41 -0800 (PST)
Received: from madscience.volumen.net (hickey51.micro-mania.net [208.32.118.51])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 7A33043E42
	for <freebsd-newbies@freebsd.org>; Fri,  8 Nov 2002 16:21:40 -0800 (PST)
	(envelope-from shane@howsyournetwork.com)
Received: from devo.volumen.net (devo.volumen.net [10.252.238.69])
	by madscience.volumen.net (8.11.6/8.11.6) with ESMTP id gA90LYn16752
	for <freebsd-newbies@freebsd.org>; Fri, 8 Nov 2002 17:21:34 -0700
Subject: ssh with pam?
From: Shane Hickey <shane@howsyournetwork.com>
To: freebsd-newbies@freebsd.org
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
X-Mailer: Ximian Evolution 1.0.8 (1.0.8-10) 
Date: 08 Nov 2002 17:21:33 -0700
Message-Id: <1036801294.14458.44.camel@devo.volumen.net>
Mime-Version: 1.0
Sender: owner-freebsd-newbies@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-newbies.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-newbies>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-newbies>
X-Loop: FreeBSD.org

Howdy all.  What are people using to only allow ssh from certain
addressees?  I'm a recent FreeBSD convert, from Linux.  In linuxland I
used both iptables and then I would edit /etc/pam.d/sshd and add this
line

account    required     /lib/security/pam_access.so

to enable the pam module that allowed me to specify hosts/networks in
/etc/security/access.conf.

I'd rather not do tcp wrappers.  Is there an equivalent way to do this
with pam in FreeBSD?  I know about ipfilter and I'll be doing that, I
just like to have another layer.

Thanks,

Shane



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-newbies" in the body of the message