[SSHd] Limiting access from authorized IP's

Eric Zimmerman heli at mikestammer.com
Fri Apr 18 16:22:36 UTC 2008

Kurt Buff wrote:
> On Fri, Apr 18, 2008 at 8:59 AM, Matthew Seaman
> <m.seaman at infracaninophile.co.uk> wrote:
> At any rate, locking down ssh access is one of my concerns, for sure,
> so this discussion is helpful.

Wouldn't turning off password based logins and using public and private 
keys (with a strong password) for ssh logins do the trick? if you limit 
yourself based on IP addresses, its inevitable that you will need access 
from an IP NOT on your exemption list at some time (like when you are on 
vacation, at relatives, etc).

Using keys to authenticate ssh sessions has worked very well for me. if 
you are concerned about the brute force attempts (which cant work 
without the private key which you put a strong password on), you can use 
something like denyhosts to block those hosts from even connecting.



More information about the freebsd-questions mailing list