Posted: Mon Jan 23, 2006 10:00 pm Post subject: Can I limit ssh logins to one hostname?
Hi,
I am running a server, and since it contains a number of websites, it uses a number of hostnames, including its IP address, of course.
I've been receiving a number of login attempts to username: root, among others, and one of the ways I thought of combatting this was to limit all ssh requests to a single hostname that is not used anywhere else (such as sshlogin.domain.tld).
Is there a way to restrict all ssh requests to a specific hostname?
You can have sshd listen to a particular IP and port. Take a look at the sshd_config man page and look for the ListenAddress option. It looks like you can do something like:
Code:
ListenAddress 123.456.789.012:22
to listen on a particular IP address at the default port.
But realize that you're only moving the problem. People will still try to probe the ssh port regardless of the host name. Mostly the host name is irrelevant - they only go after the IP anyway.
If you can't restrict the IPs that are allowed to access the machine via ssh (i.e. only allow a few machines to even see that the host has an open ssh port using iptables) then make sure you keep up with patches, don't allow direct root login, and have good passwords for any account that you do allow logins to.
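As an added example (not part of the original posts): a shell check of an sshd_config for two points from the reply above, a specific ListenAddress and no direct root login. The function names, the sample config and the 192.0.2.10 documentation address are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example (not from the thread): check an sshd_config for two points
# made in the reply: a specific ListenAddress and no direct root login.
# Assumes "Keyword value" lines separated by whitespace.

# Print each global value of a keyword, one per line, in file order.
sshd_values() {   # usage: sshd_values KEYWORD FILE
    awk -v key="$1" '
        /^[ \t]*#/ { next }                      # skip comment lines
        tolower($1) == "match" { exit }          # Match blocks are conditional
        tolower($1) == tolower(key) { print $2 }
    ' "$2"
}

# Print one OK/WARN line per check.
audit_sshd() {    # usage: audit_sshd FILE
    listen=$(sshd_values ListenAddress "$1")     # may appear several times
    root=$(sshd_values PermitRootLogin "$1" | head -n 1)  # first value wins
    if [ -z "$listen" ] ||
       printf '%s\n' "$listen" | grep -Eq '^(0\.0\.0\.0|::|\[::\])(:[0-9]+)?$'
    then
        echo "WARN ListenAddress: sshd listens on every address"
    else
        echo "OK ListenAddress: $(printf '%s' "$listen" | tr '\n' ' ')"
    fi
    case "$root" in
        no) echo "OK PermitRootLogin: no" ;;
        "") echo "WARN PermitRootLogin: not set, version default applies" ;;
        *)  echo "WARN PermitRootLogin: $root" ;;
    esac
}

# Constructed sample config; 192.0.2.10 is a documentation address.
sample=$(mktemp)
cat > "$sample" <<'EOF'
Port 22
ListenAddress 192.0.2.10:22
PermitRootLogin no
PermitRootLogin yes
EOF
audit_sshd "$sample"
rm -f "$sample"
```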