> Q1. In the /etc/sshd_config there is a "denyhosts" and a "allowhosts" if I want to deny ALL hosts and only let in the ones that I want, What should I put in the following
> Allowhosts:
> Denyhosts:
> BTW *.* is not working it is not letting anything at all through. Not even the hosts that are allowed
You want:
# AllowHosts *.our.com friend.other.com
AllowHosts 209.50.5.* 209.50.6.* 209.50.7.50 foo.bar.baz.com
# DenyHosts lowsecurity.theirs.com *.evil.org evil.org
DenyHosts 209.50.5.2 badass.jerk.com
# Umask 022
# SilentDeny on
Above will let in the class c of 209.50.5.* & 209.50.6.* but will deny the
machine at 209.50.5.2. Will deny on number or name.
It will also allow the host 209.50.7.50 or the name foo.bar.baz.com.
You could just remove the deny section if you did not have anything in the
wildcards that you then wanted to exclude.
-- Doug Herr - wwr.rtgmycwzs@netbone.cz Whole Earth Networks - Network Operations Center