Tugger the SLUGger!SLUG Mailing List Archives

Re: [SLUG] ssh certificate logins


Phill O'Flynn wrote:

> I am running a fedora server and currently using hosts.allow to
> only allow ssh accesses from specific ip addresses. I did this because I was getting
> a lot of idiots from eastern Europe and Russia tring to crack my server.
> 
> This has been ok  but now is prooving to be too restrictive. Can I get the
> server to force certificate based logins only?? If so how do I do it?? Is this the
> best approach anyway??

Also have a look at pam_abl:

    http://www.hexten.net/wiki/index.php/Pam_abl

Erik
-- 
-----------------------------------------------------------------
Erik de Castro Lopo
-----------------------------------------------------------------
"Anyone who says you can have a lot of widely dispersed people hack
away on a complicated piece of code and avoid total anarchy has never
managed a software project." - Andy Tanenbaum in 1992 on comp.os.minix