Ping a Specific Port

Question

Owen

Asked: 2010-08-11 09:27:41 +0800 CST2010-08-11 09:27:41 +0800 CST 2010-08-11 09:27:41 +0800 CST

Linux SSH access control

772

I want to allow anyone access to SSH with a valid identity key BUT allow only one IP address to have SSH password access.

How do I do this?

(I'm running on Centos 5.5)

3 Answers

Voted

Dom · Answer 1 · 2010-08-11T09:38:50+08:00

Dom

2010-08-11T09:38:50+08:002010-08-11T09:38:50+08:00

http://www.softpanorama.org/Commercial_linuxes/Security/linux_pam.shtml#News

Modify pam to do this. I never try this.

3

joschi · Answer 2 · 2010-08-11T10:07:32+08:00

Best Answer

joschi

2010-08-11T10:07:32+08:002010-08-11T10:07:32+08:00

You can easily use the Match statement (see sshd_config(5)) to distinguish between clients and allow exactly one client (e. g. identified by its IP address) to log in with its password rather than having an SSH key.

2

jamespo · Answer 3 · 2010-08-11T10:01:47+08:00

jamespo

2010-08-11T10:01:47+08:002010-08-11T10:01:47+08:00

You could run 2 sshd's

1 - run normally from init, key authentication only (set in sshd_config)

2 - run from xinetd (http://www.itech7.com/Linux/How-to-configure-SSHD-on-Xinetd) listening on a different port (eg 2222) with a separate sshd_config etc and that port is configured with your local firewall (iptables / whatever) to only allow access from the IP you want.

0

Linux SSH access control

Ping a Specific Port

How do I tell Git for Windows where to find my private RSA key?

How do you restart php-fpm?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Resolve host name from IP address

How can I sort du -h output by size

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?