ssh

— ssh 접속 시도한 IP 목록 보기

ls /var/log/secure | xargs grep -E “[[:digit:]]+\.[[:digit:]]+\.[[:digit:]]+\.[[:digit:]]+” -o | sort | uniq

-- 로그인 성공한 IP 목록 보기
cat /var/log/secure* | grep Accepted | awk '{print $9"\t"$11"\t"$14}' | sort | uniq


-- 특정 IP 주소만 접속하기

vi /etc/hosts.allow 

# hosts.allow	This file describes the names of the hosts which are
#		allowed to use the local INET services, as decided
#		by the '/usr/sbin/tcpd' server.
#
sshd: xx.x.x.x
sshd: x.xx.x.x

vi /etc/hosts.deny

# hosts.deny	This file describes the names of the hosts which are
#		*not* allowed to use the local INET services, as decided
#		by the '/usr/sbin/tcpd' server.
#
# The portmap line is redundant, but it is left to remind you that
# the new secure portmap uses hosts.deny and hosts.allow.  In particular
# you should know that NFS uses portmap!
sshd: ALL

-- 재시작 하기

service sshd restart
 

Be the first to comment

Leave a Reply

Your email address will not be published.


*