[rescue] SGI fw_sshd and security

Kevin Loch kloch at gurunet.net
Fri Mar 5 11:25:43 CST 2004

Sheldon T. Hall wrote:
> Maybe I will follow through on my plan and implement a system that lets me
> turn sshd on and off remotely....

Does ssh need to be accessible to the entire Internet, or would
some small subset do?

For example, if you know you won't be ssh'ing from APNIC
or RIPE address space, you might want to filter that.
Better yet, only allow specific addresses/networks
you know you will be sshing from.


More information about the rescue mailing list