From mboxrd@z Thu Jan 1 00:00:00 1970 From: James Turnbull Subject: Re: SSH allow only form selected IP' Date: Sat, 14 Aug 2004 20:54:21 +1000 Sender: linux-config-owner@vger.kernel.org Message-ID: <411DEF5D.5040903@lovedthanlost.net> References: <20040814163121.5491.SAVAGE-GARDEN@hanikamail.com> Mime-Version: 1.0 Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=sha1; boundary="------------ms020900050302030407040200" Return-path: In-Reply-To: <20040814163121.5491.SAVAGE-GARDEN@hanikamail.com> List-Id: To: Kev Cc: linux-admin@vger.kernel.org, linux-config@vger.kernel.org This is a cryptographically signed message in MIME format. --------------ms020900050302030407040200 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Kev wrote: >hi, > >i have a redhat enterprise 3 linux box, how can i configure SSH demon >only to allow SSH connections only form selected IP's ? > >i have 3 IP rangers that i need to allow, how can i do this ? > >thanks a lot >Kev > > >------- >Web Hosting at a cheap price, starting at $1 per month with your own domain, .COM, .NET, .LK, .ORG etc.. >PHP, CGI, Perl, MySQL, Cpanel 9, POP3, POP3s, SMTP, IMAP, FTP, >http://www.orbitsl.net > >- >To unsubscribe from this list: send the line "unsubscribe linux-config" in >the body of a message to majordomo@vger.kernel.org >More majordomo info at http://vger.kernel.org/majordomo-info.html > > Use your firewall rules. Something like: iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -s 192.168.0.0/24 --dport 22 -j ACCEPT iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -d 192.168.0.0/24 --sport 22 -j ACCEPT Where 192.168.0.0/24 is the range you are allowing. Regards James --------------ms020900050302030407040200 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIH+TCC AlcwggHAoAMCAQICAwxcXDANBgkqhkiG9w0BAQQFADBiMQswCQYDVQQGEwJaQTElMCMGA1UE ChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNv bmFsIEZyZWVtYWlsIElzc3VpbmcgQ0EwHhcNMDQwNTIyMDYxNTI4WhcNMDUwNTIyMDYxNTI4 WjBJMR8wHQYDVQQDExZUaGF3dGUgRnJlZW1haWwgTWVtYmVyMSYwJAYJKoZIhvcNAQkBFhdq YW1lc0Bsb3ZlZHRoYW5sb3N0Lm5ldDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAx2v2 vUgZ5zogSrElx4VilKyCm0yfHJ3Mqe4CSp/7VlfTgwonPqU12B00fmamXeM1txF/QxgGXI38 Kwf3iS2aVy9VSL1ckNlcfQEHJt7+4UdKeEttL8Z65BXxPCL6+s1ll2YZ23piQRPkV5iDirIZ k3PbKIz7TVLGzg1QgV6NYlUCAwEAAaM0MDIwIgYDVR0RBBswGYEXamFtZXNAbG92ZWR0aGFu bG9zdC5uZXQwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQQFAAOBgQDCVRZxHh7SMS0t+OJ9 rehq9WFgj+5Fv4EsYM+riXx8tqGwBDGHK0e/+/9UIOl2WsVReAGTktz48ilbuMhXAps2ojF+ EgEzmmk/HRkrk9mT0fZw4WEj6LmESKatKkyE7+FmcZEdnVwsHQ3bbSSCSoNL+1L4v2Ncr4kW vBMAslVo/zCCAlcwggHAoAMCAQICAwxcXDANBgkqhkiG9w0BAQQFADBiMQswCQYDVQQGEwJa QTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhh d3RlIFBlcnNvbmFsIEZyZWVtYWlsIElzc3VpbmcgQ0EwHhcNMDQwNTIyMDYxNTI4WhcNMDUw NTIyMDYxNTI4WjBJMR8wHQYDVQQDExZUaGF3dGUgRnJlZW1haWwgTWVtYmVyMSYwJAYJKoZI hvcNAQkBFhdqYW1lc0Bsb3ZlZHRoYW5sb3N0Lm5ldDCBnzANBgkqhkiG9w0BAQEFAAOBjQAw gYkCgYEAx2v2vUgZ5zogSrElx4VilKyCm0yfHJ3Mqe4CSp/7VlfTgwonPqU12B00fmamXeM1 txF/QxgGXI38Kwf3iS2aVy9VSL1ckNlcfQEHJt7+4UdKeEttL8Z65BXxPCL6+s1ll2YZ23pi QRPkV5iDirIZk3PbKIz7TVLGzg1QgV6NYlUCAwEAAaM0MDIwIgYDVR0RBBswGYEXamFtZXNA bG92ZWR0aGFubG9zdC5uZXQwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQQFAAOBgQDCVRZx Hh7SMS0t+OJ9rehq9WFgj+5Fv4EsYM+riXx8tqGwBDGHK0e/+/9UIOl2WsVReAGTktz48ilb uMhXAps2ojF+EgEzmmk/HRkrk9mT0fZw4WEj6LmESKatKkyE7+FmcZEdnVwsHQ3bbSSCSoNL +1L4v2Ncr4kWvBMAslVo/zCCAz8wggKooAMCAQICAQ0wDQYJKoZIhvcNAQEFBQAwgdExCzAJ BgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEa MBgGA1UEChMRVGhhd3RlIENvbnN1bHRpbmcxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy dmljZXMgRGl2aXNpb24xJDAiBgNVBAMTG1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBDQTEr MCkGCSqGSIb3DQEJARYccGVyc29uYWwtZnJlZW1haWxAdGhhd3RlLmNvbTAeFw0wMzA3MTcw MDAwMDBaFw0xMzA3MTYyMzU5NTlaMGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUg Q29uc3VsdGluZyAoUHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1h aWwgSXNzdWluZyBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxKY8VXNV+065ypla HmjAdQRwnd/p/6Me7L3N9VvyGna9fww6YfK/Uc4B1OVQCjDXAmNaLIkVcI7dyfArhVqqP3FW y688Cwfn8R+RNiQqE88r1fOCdz0Dviv+uxg+B79AgAJk16emu59l0cUqVIUPSAR/p7bRPGEE QB5kGXJgt/sCAwEAAaOBlDCBkTASBgNVHRMBAf8ECDAGAQH/AgEAMEMGA1UdHwQ8MDowOKA2 oDSGMmh0dHA6Ly9jcmwudGhhd3RlLmNvbS9UaGF3dGVQZXJzb25hbEZyZWVtYWlsQ0EuY3Js MAsGA1UdDwQEAwIBBjApBgNVHREEIjAgpB4wHDEaMBgGA1UEAxMRUHJpdmF0ZUxhYmVsMi0x MzgwDQYJKoZIhvcNAQEFBQADgYEASIzRUIPqCy7MDaNmrGcPf6+svsIXoUOWlJ1/TCG4+DYf qi2fNi/A9BxQIJNwPP2t4WFiw9k6GX6EsZkbAMUaC4J0niVQlGLH2ydxVyWN3amcOY6MIE9l X5Xa9/eH1sYITq726jTlEBpbNU1341YheILcIRk13iSx0x1G/11fZU8xggK6MIICtgIBATBp MGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUgQ29uc3VsdGluZyAoUHR5KSBMdGQu MSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgSXNzdWluZyBDQQIDDFxcMAkG BSsOAwIaBQCgggGnMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8X DTA0MDgxNDEwNTQyMVowIwYJKoZIhvcNAQkEMRYEFKZMf41TpnkEJUhIC3vhH1Nxpy/ZMFIG CSqGSIb3DQEJDzFFMEMwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3DQMC AgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMHgGCSsGAQQBgjcQBDFrMGkwYjELMAkGA1UE BhMCWkExJTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0ZC4xLDAqBgNVBAMT I1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBJc3N1aW5nIENBAgMMXFwwegYLKoZIhvcNAQkQ Agsxa6BpMGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUgQ29uc3VsdGluZyAoUHR5 KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgSXNzdWluZyBDQQID DFxcMA0GCSqGSIb3DQEBAQUABIGAMMxYgoHsxOE0R/v1ZDtLtIWXyPQFtHSZawkvvXD/0HQy l4aaEzaj3ZJISOMrsm7+/ZCUzyi8B4p1lcstym7CTkE76Um4y+++GFj6+qttaPIFX4pP94zJ Uqff3mTv/mWhR067Bpz7SxqfeOOAXBzw79i/PVrWxDFBbTTS7UP+OrwAAAAAAAA= --------------ms020900050302030407040200--