[SGVLUG] Want to limit external access to server
Matthew Campbell
dvdmatt at gmail.com
Thu Nov 13 11:05:15 PST 2014
Good morning Jim,
What distro are you running on? I am RHEL based and have always configured
ssh access through /etc/ssh/sshd_config. If you limit access through ssh
you have no impact on your console login.
See section 3:
http://wiki.centos.org/HowTos/Network/SecuringSSH
Good luck!
Matt
---------
*Matthew Campbell*
Storage and Cloud Strategy
Office of the CTO
*Kaiser Permanente*
99 S. Oakland
Pasadena, CA 91101
626-564-7228 (office)
8-338-7228 (tie-line)
818-314-9897 (mobile phone)
Green Center 3-North, 031W29
---------
*kp.org/thrive <http://kp.org/thrive>*
On Thu, Nov 13, 2014 at 10:22 AM, DYN: Jim Workman <jimw at dynashoe.com>
wrote:
> Hi All,
>
>
>
> My RHEL server has both internal and external Ethernet connections. We
> are trying to limit outside SSH access to specific users.
>
>
>
> So, in access.conf, can I add:
>
>
>
> + : johndoe boba sams : ALL # To allow specific users from any IP
>
> + : ALL : 10.0.0.0/255.255.255.0 # To allow all users from local
> network
>
> - : ALL : ALL except LOCAL # Deny everyone else except (on the
> console?)
>
>
>
> If I try this, is there a chance that I won’t even be able to login as
> root on the console?
>
>
>
> Should it accomplish my goal?
>
>
>
> Would it affect other areas such as email, cron-tasks, etc?
>
>
>
> Jim
>
>
>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://sgvlug.net/pipermail/sgvlug/attachments/20141113/22f61dc1/attachment.html>
More information about the SGVLUG
mailing list