Timothy Murphy writes:
I have an sshd server running on a machine in Ireland. Can I configure it so that it only accepts connection from certain machines, wherever they may be in the world?
In sshd_config set: PasswordAuthentication noThen, on the machines that you wish to allow connections from, in each account you wish to connect, run ssh-keygen to generate a keypair. This will create id_rsa and id_rsa.pub (or id_dsa and id_dsa.pub) in $HOME/.ssh (with permissions set appropriately), then append the contents of id_rsa.pub or id_dsa.pub to the $HOME/.ssh/authorized_keys2 file on the server that you want to connect TO.
Now, only the accounts whose private keys are listed in authorized_keys2 will be able to log in to your server. And, as an added bonus, no password will be required. The key takes place of the password, and only the machine where the key is installed will be able to log in.
Attachment:
pgpugEBdXsaVs.pgp
Description: PGP signature
-- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
