sshd_config : ListenAddress not working

If none of the more specific forums is the right place to ask

sshd_config : ListenAddress not working

Postby michalng » 2010-04-06 12:00

Install openssh so that I can access my desktop (192.168.1.100) from my laptop (192.168.1.200) using konqueror with "fish".

Googled and read that the sshd_config should be updated to enhance security.
Tried fiddling with sshd_config on the desktop and hit a brick wall.

Before setting ListenAddress 192.168.1.200 in sshd_config, the laptop can access the desktop with problem.
However, after setting it, the laptop is not able to access the desktop.

Did I understand the setting correctly or is there some bug?
michalng
 
Posts: 45
Joined: 2009-02-17 14:18

Re: sshd_config : ListenAddress not working

Postby refracta » 2010-04-06 12:51

first, I dont think you understood correctly...
second, I see no reason you should bother with it...

unfiddle it and done!
refracta
 
Posts: 1235
Joined: 2008-10-26 01:46

Re: sshd_config : ListenAddress not working

Postby mzilikazi » 2010-04-06 15:34

Set up ssh to use keys
Once key based logins are working, disallow root login and disable password logins in /etc/ssh/sshd_config
Code: Select all
PermitRootLogin no
PasswordAuthentication  no

Then restart ssh
Code: Select all
/etc/init.d/ssh restart

I have never bothered with the ListenAddress personally.
Debian Sid Laptops:
AMD Athlon(tm) 64 X2 Dual-Core Processor TK-55 / 1.5G
Intel(R) Pentium(R) Dual CPU T2390 @ 1.86GHz / 3G
User avatar
mzilikazi
Forum Ninja
 
Posts: 3321
Joined: 2004-09-16 02:14
Location: Colorado Springs, CO

Re: sshd_config : ListenAddress not working

Postby hrod beraht » 2010-04-06 17:56

ListenAddress is the IP address of the network interface on which the ssh daemon server socket is bind. If you've only got one NIC and one IP address on that box, you shouldn't need to change it.
From what you mentioned, I'm assuming what you are actually trying to do is limit incoming ssh connections to only those coming from the address of your laptop (192.168.1.200). If that's what you want to do, specify the address in your /etc/hosts.allow file:

/etc/hosts.allow
Code: Select all
# let everyone connect to you
sshd: ALL

# OR you can restrict it to a certain ip
sshd: 192.168.1.200

# OR restrict for an IP range
sshd: 10.0.0.0/255.255.255.0

# OR restrict for an IP match
sshd: 192.168.1.


/etc/hosts.deny
Code: Select all
ALL: ALL: DENY


Bob
User avatar
hrod beraht
 
Posts: 65
Joined: 2007-09-06 01:55

Re: sshd_config : ListenAddress not working

Postby michalng » 2010-04-06 22:14

mzilikazi,

thanks for the link, will read through and see if I can get it working that way.


hrod beraht,

you are fantastic, you read my mind.

so /etc/hosts.allow is the file the I should be updating :D

Thanks.
michalng
 
Posts: 45
Joined: 2009-02-17 14:18


Return to General Questions

Who is online

Users browsing this forum: No registered users and 18 guests

fashionable