Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-09-2005 06:08 AM
03-09-2005 06:08 AM
SSH
When system has multiple IP addresses configured ssh daemon listens on all ip's. How to configure ssh to listen on particular IP address?
Thanks.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-09-2005 06:19 AM
03-09-2005 06:19 AM
Re: SSH
Openssh has a file called sshd_config
This file may allow you to make those kind of configurations.
I might approach it differently and use ipfilter or maybe even /var/adm/inetd.sec to block protocols aimed at certain ip addresses.
I know Ipfilter could handle the job easily.
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-09-2005 06:31 AM
03-09-2005 06:31 AM
Re: SSH
you want to bind to and 22 is the port # where sshd
is listening on, use the following IPFilter rules:
# /sbin/ipf -f-
pass in quick proto tcp from any to S_IP port = 22
pass out quick proto tcp from S_IP port = 22 to any
block in proto tcp from any to any port = 22
block out proto tcp from any port = 22 to any
- Biswajit
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-09-2005 06:39 AM
03-09-2005 06:39 AM
Re: SSH
That file I mentioned
/opt/ssh/etc/sshd_config
#Port 22
Protocol 2
#ListenAddress 0.0.0.0
#ListenAddress ::
I pretty much bet if you change the ListenAddress to the IP in question and then restart the sshd daemon, you will get the job done a lot faster than by installing and configuring IPFilter.
Sorry.
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-09-2005 06:41 AM
03-09-2005 06:41 AM
Re: SSH
to the following:
# /sbin/ipf -Fa -f-
block in quick proto tcp from any to !S_IP port = 22
block out quick proto tcp from !S_IP port = 22 to any
(That's a '!' char immediately before the IP address).
- Biswajit
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-09-2005 06:45 AM
03-09-2005 06:45 AM
Re: SSH
> I pretty much bet if you change the ListenAddress
> to the IP in question and then restart the sshd
> daemon, you will get the job done a lot faster than
> by installing and configuring IPFilter.
I agree with you on this as far as HP-UX 11.11 (or
11i, v1) is concerned. On HP-UX 11i v2 (i.e 11.23)
IPFilter is a default installed product, so it should
already be there on your system.
- Biswajit