hi, Am Samstag, den 11.03.2017, 12:10 +0100 schrieb Matthias Apitz: > El día Saturday, March 11, 2017 a las 11:52:22AM +0100, Oliver > Grawert escribió: > > > > > > > > > > > > > > > > > > > > tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN > > > > > tcp 0 0 0.0.0.0:8888 0.0.0.0:* LISTEN > > > > > tcp6 0 0 :::22 :::* LISTEN > > > > > > > > > > > > ... > > > > > > > > > > > > > > > > > That's why I requested some kind of firewall > > > rules to limit access to such ports based on source IP addr, for > > > example. > > just limit the client ip range in the sshd conf ... > This is in a read only file system. >
phablet@ubuntu-phablet:~$ mount |grep /etc/ssh
/dev/sda44 on /etc/ssh type ext4
(rw,relatime,discard,nodelalloc,data=journal)
/etc/ssh is writable by default since you need to generate the host
keys on first boot (else all host keys out there would be the same for
all phones)...
ciao
oli
signature.asc
Description: This is a digitally signed message part
-- Mailing list: https://launchpad.net/~ubuntu-phone Post to : ubuntu-phone@lists.launchpad.net Unsubscribe : https://launchpad.net/~ubuntu-phone More help : https://help.launchpad.net/ListHelp
