| 2번째 줄: | 2번째 줄: | ||
==방법: hosts.allow, hosts.deny 설정== | ==방법: hosts.allow, hosts.deny 설정== | ||
{{참고|로그인 성공한 아이피 목록 보기}} | {{참고|리눅스 로그인 성공한 아이피 목록 보기}} | ||
<source lang='dos'> | <source lang='dos'> | ||
[root@jmnote ~]# cat /var/log/secure.* | grep Accepted | awk '{print $9"\t"$11"\t"$14}' | sort | uniq | [root@jmnote ~]# cat /var/log/secure.* | grep Accepted | awk '{print $9"\t"$11"\t"$14}' | sort | uniq | ||
2013년 2월 17일 (일) 05:31 판
- 특정 IP만 SSH 접속 허용하기
1 방법: hosts.allow, hosts.deny 설정
리눅스 로그인 성공한 아이피 목록 보기 문서를 참고하십시오.[root@jmnote ~]# cat /var/log/secure.* | grep Accepted | awk '{print $9"\t"$11"\t"$14}' | sort | uniq
root 113.157.124.168 ssh2
root 135.79.246.80 ssh2
root 135.79.246.221 ssh2
hosts.allow 문서를 참고하십시오. hosts.deny 문서를 참고하십시오.- hosts.allow
#
# hosts.allow This file describes the names of the hosts which are
# allowed to use the local INET services, as decided
# by the '/usr/sbin/tcpd' server.
#
sshd: 113.157.124.168, 135.79.246.
- hosts.deny
#
# hosts.deny This file describes the names of the hosts which are
# *not* allowed to use the local INET services, as decided
# by the '/usr/sbin/tcpd' server.
#
# The portmap line is redundant, but it is left to remind you that
# the new secure portmap uses hosts.deny and hosts.allow. In particular
# you should know that NFS uses portmap!
sshd: ALL
2 참고 자료
로그인하시면 댓글을 쓸 수 있습니다.
{{ comment.name }}
{{ comment.created | snstime }}
-
{{comment.page_title}} ―{{comment.name}}