Search:  
Gentoo Wiki

Limit_SSH_logins

Image:OpenSSH-logo.png

SSH Basics

Tips & Tricks

Other Gentoo-wiki SSH

edit

Purpose

To prevent (read make more difficult) brute force attacks to your ssh server exposed on the internet, you can limit which logins can be used to log in with ssh protocol.

Steps

1. Edit file /etc/pam.d/sshd, add the following line as the first line: auth required pam_listfile.so sense=allow item=user file=/etc/ssh/ssh_allow_users onerr=fail

2. Create a new file /etc/ssh/ssl_allow_users, in which put the user id that is allowed for SSH login. -- You may actually put multiple user ids in this file, each in a separate line, for example:

File: /etc/ssh/ssl_allow_users
jihe
lucy
other_user

3. Do /sbin/service sshd restart

Credits

This TIP is a copy of information from : http://www.jihe.net/technical/my_linux_whitebox/stop_ssh_brute_force_attack.php Thank you, Ji He.

Retrieved from "http://www.gentoo-wiki.info/Limit_SSH_logins"

Last modified: Sat, 06 Sep 2008 13:10:00 +0000 Hits: 1,211