To Allow ssh Connections with Domain Name on AlmaLinux 8

Asked 2 years ago, Updated 2 years ago, 44 views

Using TCP Wrapper in CentOS 7, the following statements were made in hosts.allow to allow domain-specific ssh connections:

sshd:.dion.ne.jp

I decided to use AlmaLinux 8, but I looked up how to set it up in the same way, but I didn't know.I know that if the IP address is determined, it can be set with the --add-rich-rule of firewall-cmd...

Please let me know if anyone is an intellectual.Thank you for your cooperation.

add

I found out that using pam works, but it doesn't work even if I specify the domain name.
I wrote the following in access.conf, but I couldn't connect.

+:testuser:.vmobile.jp

Do I need any configuration to specify by domain name?

linux

2022-09-30 16:50

1 Answers

I think you can do it with PAM, but you can also limit it with AllowUsers on the sshd side.

(/etc/ssh/sshd_config)
UseDNS yes
AllowUsers testuser@*.vmobile.jp

However, the following conditions may be used to prevent impersonation.

"FQDN (HOST.vmobile.jp) obtained by reverse lookup of source IP address" => source IP address

2022-09-30 16:50

If you have any answers or tips

Popular Tags
python x 4647
android x 1593
java x 1494
javascript x 1427
c x 927
c++ x 878
ruby-on-rails x 696
php x 692
python3 x 685
html x 656
Popular Questions

557 Scrap text information after the "View More" button when searching in the Yahoo! News search window

548 rails db:create error: Could not find mysql2-0.5.4 in any of the sources

712 When building Fast API+Uvicorn environment with PyInstaller, console=False results in an error

981 In Java servlet, when SHA-256 sends WW-Authenticate header for digest authentication, the client does not return the result.

538 Uncaught (inpromise) Error on Electron: An object could not be cloned

© 2024 OneMinuteCode. All rights reserved.