Re: question about ssh

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 30 Dec 2004 21:19:35 +0800, chi <chi@xxxxxxxxxxxxxxxxxx> wrote:

>i discover sometime there is a people try to login my sshd server in my 
>home , he try many time.
>is there exist something protect my computer?
>for example, can sshd do if a ip try to login fail 5 time in certain 
>period. then it block it?
>thx

I assume this is the usual attempt to login as guest, admin, etc.?

I did three things.

1)  I edited /etc/ssh/sshd_config to add port 2222 to the ports sshd uses:

   # The strategy used for options in the default sshd_config shipped with
   # OpenSSH is to specify options with their default value where
   # possible, but leave them commented.  Uncommented options change a
   # default value.
    Port 22
   #  allow 2222 for external access
   Port 2222

2)  I changed my firewall rules so port 22 is open only to my local network
and 127.0.0.1.  Port 2222 is open to the outside.

3)  I created a group named "ssh-enabled" and added only those users who
should be able to use ssh to connect.  root is not included.  To login as
root, a user must login with his own ID and then su. That way, I have a record
of who became root when.  This is at the end of /etc/sshd_config:

  #
  PermitRootLogin no
 AllowGroups ssh-enabled 
-- 
  Steve 
   


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux