Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Scott D. Davis
September 5, 2003, 1:27 pm
rate this thread
to my tcp-wrappers hosts.allow?
Why you ask. Good question. I access my work from home ocassionally. I am
using SSH to tunnel VNC. However, at home I have a DHCP IP address, which
changes ocassionally (obviously). So when that happens I can not connect
until the next day, when I go back to work and put in my NEW IP in
If I had "ssh: ALL" in my hosts.allow, then I could SSH in no matter the IP,
and go from there.
*** Problem: I am a worried about the security risk of adding sshd: ALL to
my hosts.allow. Is this a risk?
*** Currently I use:
ALL: home IP
ALL: home IP
This would allow me to SSH in after my DHCP lease expires, and change the
hosts.allow file to reflect my NEW IP.
Re: Security Risk? sshd: ALL
As a data point, I've had it that way for months and nothing bad's happened
yet. Well, I've gotten "Did not receive identification string" nine times
in the last month... probably a port scan hit port 22.
So you're proposing to make this change at work? You could have the home
system mail its address to you at work, or put "sshd: <home address range>"
So could anybody else (with a username & password)... you have to decide if
IME, apparently not a big one. But I wouldn't do it if I could avoid it.
Logging into my machine remotely has been very handy a few times.
-eben ebQenW1@EtaRmpTabYayU.rIr.OcoPm home.tampabay.rr.com/hactar
An ASCII character walks into a bar and orders a double. "Having a bad
day?" asks the barman. "Yeah, I have a parity error," replies the ASCII
chrctr. The barman says, "Yeah, I thght you looked a bit off." -- Skud
- » ssh on command line: force using a group size (prime size) of 1024 (and no...
- — Newest thread in » Secure Shell Forum