[CentOS] ssh attack

Mon Feb 13 23:13:27 UTC 2006
Steve Bergman <steve at rueb.com>

John Merritt wrote:

>
> I tried to secure ssh better by putting in an AllowUsers line in 
> sshd_config. Then I thought tcp wrappers and just putting in my own 
> addresses in /etc/hosts.allow would be even better, until I found out 
> that all mail to my email server would be rejected.
>
There should be no problem here.  Just disallow everything in 
/etc/hosts.deny and then enable particular ip addresses for sshd.  And 
also enable the appropriate addresses for other services that you want 
to be available to various IP addresses.  You can use the word ALL to 
indicate no restriction. e.g.:

sendmail:ALL

man hosts.allow should get you the information that you need. 

But if you are remote to the machine, be careful you don't lock yourself 
out!

-Steve