Home page logo

basics logo Security Basics mailing list archives

ssh login protection
From: Edmund <cc () belfordhk com>
Date: Tue, 02 Dec 2003 11:17:26 +0800


I was wondering if someone could clarify something for me.
I often ssh into two mail servers from dialup(thus dynamic
ip) at home.

Right now, I specify which IPs that can ssh into the two
machines but for dynamic IPs, I can't do that unless I
go crazy and allow xx.xx.xx.xx/16, which is not very
secure.  But due to the importance of me needing to ssh
to the servers, I've been 'slacking' off the security
and allowing a certain range of IPs (those that I'm
certain are from my ISP at home).
Can someone tell me if this is the appropriate way?
Or do I allow any IPs from sshing?

The reason why I'm asking is that I'll be taking
a holiday and believe I'll also need to ssh to the
mail servers.   I don't know the IPs ahead of
time since where I'll be staying, it'll also be
dynamically assigned.

Is there a solution to this problem?  I don't
want to open the servers to attacks from any
SSH-related issues that crackers would take
advantage of.

Any help appreciated


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]