hosts.allow和hosts.deny配置

有个单机环境限制ssh登录,有多种方式,这里选择了配置hosts.allow和hosts.deny

[root@db ~]#  more /etc/hosts.allow
#
# hosts.allow    This file contains access rules which are used to
#        allow or deny connections to network services that
#        either use the tcp_wrappers library or that have been
#        started through a tcp_wrappers-enabled xinetd.
#
#        See 'man 5 hosts_options' and 'man 5 hosts_access'
#        for information on rule syntax.
#        See 'man tcpd' for information on tcp_wrappers
#
sshd:172.100.100.56:allow
sshd:172.100.100.57:allow
sshd:172.100.100.42:allow
sshd:172.100.100.43:allow
sshd:172.100.100.46:allow

[root@db ~]# cat /etc/hosts.deny
#
# hosts.deny    This file contains access rules which are used to
#        deny connections to network services that either use
#        the tcp_wrappers library or that have been
#        started through a tcp_wrappers-enabled xinetd.
#
#        The rules in this file can also be set up in
#        /etc/hosts.allow with a 'deny' option instead.
#
#        See 'man 5 hosts_options' and 'man 5 hosts_access'
#        for information on rule syntax.
#        See 'man tcpd' for information on tcp_wrappers
#
sshd:all:deny
[root@db ~]#

你可能感兴趣的:(Linux,服务器,安全,linux)