Results 1 to 6 of 6

Thread: SSH Only over LAN

  1. #1
    Join Date
    Nov 2009
    Beans
    186

    SSH Only over LAN

    How can I only allow ssh connections over LAN and refuse connections over the internet?

  2. #2
    Join Date
    Sep 2009
    Location
    surrey uk
    Beans
    2,057
    Distro
    Ubuntu 11.04 Natty Narwhal

    Re: SSH Only over LAN

    You would have to enable it to go over internet, I use gufw and set it for incoming deny then set rules for ip I let ssh in
    DUAL BOOT XP & Natty, Trying LFS

  3. #3
    Join Date
    Nov 2009
    Beans
    186

    Re: SSH Only over LAN

    SSH doesn't have a built-in way to do that? How do I know if gufw is actually working?

  4. #4
    Join Date
    Sep 2009
    Location
    surrey uk
    Beans
    2,057
    Distro
    Ubuntu 11.04 Natty Narwhal

    Re: SSH Only over LAN

    I have also changed the default port number, scan your pc from here http://nmap-online.com/
    DUAL BOOT XP & Natty, Trying LFS

  5. #5
    Join Date
    Oct 2009
    Beans
    51

    Re: SSH Only over LAN

    You change the /etc/hosts.allow and /etc/hosts.deny files.
    In hosts.deny you write:
    Code:
    sshd: 0.0.0.0
    In hosts.allow you write:
    Code:
    sshd: 192.168.1.
    or whatever your LAN network is called.
    See man hosts.deny for more details.

  6. #6
    Join Date
    Feb 2007
    Location
    West Hills CA
    Beans
    10,047
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: SSH Only over LAN

    If your router has a built-in firewall, then you can only ssh via the internet if port 22 is port-forwarded to your local IP address for the machine running the ssh server. Otherwise, ssh attempts from the outside will be blocked. You can ssh on your local area network without problems, unless you are running a software firewall (iptables, gufw, etc) on any machine that blocks port 22.

    If you change the default ssh port from 22 to something else, then you need to specify that port when you try to initiate an ssh session, or set it up in the ssh configuration files.
    -------------------------------------
    Oooh Shiny: PopularPages

    Unumquodque potest reparantur. Patientia sit virtus.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •