[Patch] Restricting access to certain ip numbers.
Bruno Thomsen
bth at kamstrup.dk
Mon Oct 6 16:04:03 WST 2014
> Subject: [Patch] Restricting access to certain ip numbers.
>
> Perhaps not something to have default in dropbear, put perhaps of interest for someone...
>
> In order to restrict access from certain ip addresses only, you can, with this patch, start a dropbear with option -S
> This will only allow password logins if a corresponding file /etc/dropbear/ip_<ipnumber>_any.allow exists.
>
> It will also check for /etc/dropbear/ip_<ipnumber>_<username>.allow for granting access to specific usernames only
>
> If you start dropbear with -S -S it will also use this restriction for pubkey validation
Most of this functionality sounds like something iptables can do.
I don't really see a point in adding firewall capabilities to a lightweight ssh implementation.
But thanks for sharing the patch :)
Venlig hilsen / Best regards
Bruno Thomsen
Development engineer
Technology
Kamstrup A/S
Industrivej 28
DK-8660 Skanderborg
Tel: +45 89 93 10 00
Fax: +45 89 93 10 01
Dir: +45 89 93 13 94
E-mail: bth at kamstrup.dk
Web: www.kamstrup.dk
More information about the Dropbear
mailing list