Configuring SSH Secure Shell for TCP Wrappers Support
2008-01-22 23:38
316 查看
To enable usage of TCP Wrappers with SSH Secure Shell, perform the following operations:
If SSH Secure Shell was previously installed from binaries, you may want to uninstall it before continuing.
Compile the source code:
Then, become root and run
Note: If
Locate
Run
Note: It is only necessary to specify the path to
Create or edit the
The typical setup is to deny access to everyone listed in the
or simply
And then allow access only to trusted clients in the
Based on the
If SSH Secure Shell was previously installed from binaries, you may want to uninstall it before continuing.
Compile the source code:
./configure --with-libwrap make
Then, become root and run
make install
Note: If
configuredoes not find
libwrap.a[/code], do the following:
Locate
libwrap.a
Run
configureagain:
make distclean ./configure --with-libwrap=/path_to_libwrap.a/
Note: It is only necessary to specify the path to
libwrap.aif the library and the include files are located in a non-standard directory, i.e. if the library has been compiled to a local directory, or has been installed to somewhere else than the default location.
Create or edit the
/etc/andhosts.allow
/etc/files. When a user tries to connect to the SSH Secure Shell server, the TCP wrapper daemon (hosts.deny
tcpd[/code]) reads the
/etc/hosts.allowfile for a rule that matches the client's hostname or IP. If
/etc/hosts.allowdoes not contain a rule allowing access,
tcpdreads
/etc/hosts.denyfor a rule that would deny access. If neither of the files contains an accept or deny rule, access is granted by default. The syntax for the
/etc/hosts.allowand
/etc/hosts.denyfiles is as follows:
daemon : client_hostname_or_IP
The typical setup is to deny access to everyone listed in the
/etc/hosts.denyfile. (This example shows both ssh1 and ssh2.)
sshd1: ALL sshd2: ALL sshdfwd-X11 : ALL
or simply
ALL: ALL
And then allow access only to trusted clients in the
/etc/hosts.allow:
sshd1 : trusted_client_IP_or_hostname sshd2 : .ssh.com foo.bar.fi sshdfwd-X11 : .ssh.com foo.bar.fi
Based on the
/etc/hosts.allowfile above, users coming from any host in the ssh.com domain or from the host foo.bar.fi are allowed to access.
相关文章推荐
- SSH隧道管理内部服务(putty,ssh secure shell)for win
- SSH隧道管理内部服务(putty,ssh secure shell)for win
- shell脚本精华----在10秒内SSH登录失败次数超过3次就使用iptables/tcpwrappers拒绝
- SSH隧道管理内部服务(putty,ssh secure shell)for win
- SSH隧道管理内部服务(putty,ssh secure shell)forWINDOWS
- SSH Secure Shell Client显示中文乱码
- SSHSecureShellClient安装及使用
- ssh secure shell支持中文不乱码
- SSH使用TCP Wrappers实现访问控制
- Linux下远程连接工具SSHSecureShellClient的使用
- SSH Secure Shell Client安装和使用
- 如何避免SSH Secure Shell Client连接Linux超时,自动断开?
- SSH Secure Shell Client中文乱码的解决方法
- SSH Secure Shell Client中文乱码的解决办法
- Using the NETCONF Protocol over Secure Shell (SSH)
- SSH Secure Shell Client
- Windows与Linux文件传输软件 SSHSecureShellClient
- SSH Secure Shell Client用public key认证登录
- F-Secure SSH File Transfer遇到错误"too many authentication failures for root"
- SSH Secure Shell Client 反空闲设置