Does OpenSSHd have a blacklist for IPs?

thedaver · Jan 24, 2006

Does OpenSSHd have a blacklist/denylist for IPs as a native function? I know I can screw around with hooking up port 22 to DJB's tcpserver and block IPs before they get a session, but I gotta believe that SSHd has it natively.

I see a lot of IPs are trying to guess user IDs at SSHd. I'd just assume banish those IPs to a blacklist and reject them before they can continue.

Thoughts?

D.E.R. Management - IT Project Management Consulting

http://www.dermanagement.com/

BocaBurger · Jan 24, 2006

Block them at your firewall?

BocaBurger
<===========================||////////////////|0
The pen is mightier than the sword, but the sword hurts more!

thedaver · Jan 24, 2006

I'm in a position to block by application/port on the server.

I've found that /etc/hosts.deny is a possibility.

D.E.R. Management - IT Project Management Consulting

http://www.dermanagement.com/

Annihilannic · Jan 24, 2006

Have you tried using the "DenyUsers *@1.2.3.4" option in sshd_config. I'm not 100% sure the "*" is supported (it doesn't say on the sshd_config man page), but you could experiment with that.

Annihilannic.

Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Does OpenSSHd have a blacklist for IPs?

thedaver

IS-IT--Management

BocaBurger

Vendor

thedaver

IS-IT--Management

Annihilannic

MIS

Similar threads

Part and Inventory Search

Sponsor