Hmm... I sort of answered my own question, but that brought up a new question. Apparently, you can just specify sshd allow and deny statements in /etc/hosts.allow. I had always thought that this only worked for services spawned out of inetd? Now I see that inetd is running (even though I have all lines commented out in my /etc/inetd.conf) and it apparently has something to do with the -W flag? Can someone tell me how this magic works?
Thanks, Shane On Sat, 2002-11-09 at 12:58, Shane Hickey wrote: > First, lemme say that I foolishly asked this in freebsd-newbies (because > I'm a freebsd newbie) but it turns out that it was the wrong forum. > Anyway, what are people using to only allow ssh from certain > addressees? I'm a recent FreeBSD convert, from Linux. In linuxland I > used both iptables and then I would edit /etc/pam.d/sshd and add this > line > > account required /lib/security/pam_access.so > > to enable the pam module that allowed me to specify hosts/networks in > /etc/security/access.conf. > > I'd rather not do tcp wrappers. Is there an equivalent way to do this > with pam in FreeBSD? I know about ipfilter and I'll be doing that, I > just like to have another layer. > > Thanks, > > Shane > > To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-questions" in the body of the message
