RHEL5 restrict ssh connections

Latest response

Working on setting up some RHEL 5 nodes that are running openssh4.3 to allow certain users from specific subnet and allow all others in.
I have done this on my RHEL 6 and 7 using Match in the sshd_config.
Similiar to this
RHEL 7 - sshd_config
Match Address xx.xxx.xxx.0/24
AllowGroups unix_admins unix_admins
Match Address *,!xx.xxx.xxx.0/24
AllowGroups secscan ops

RHEL 6 - sshd_config
Match Group unix_admins Address xx.xxx.xxx.0/24
Match Group secscan,ops@oriental.com Address *,!xx.xxx.xxx.0/24

I can't seem to find anything on RHEL5 on how to set something up similar. I also tried adding in the /etc/security/access.conf with no luck. I have spent 1.5 days searching for anything that might work. Any help appreciated.

Thanks

JA
Log in to join the conversation

Responses

Dusan Baljevic's picture Pro 469 points
20 March 2018 8:49 PM

Hi James,

access.conf should work on RHEL 5. See Red Hat's reference:

https://access.redhat.com/solutions/1300373

For user access, PAM pam_listfile.so is another way to go. Check this link:

https://www.linuxquestions.org/questions/linux-enterprise-47/using-pam_listfile-so-to-limit-ssh-access-in-rhel-5-a-670595/

And /etc/hosts.allow should be possible to use for limiting access by subnet or IP address.

Regards,

Dusan Baljevic (amateur radio VK2COT)

JA Active Contributor 170 points
23 March 2018 1:50 PM

Thanks for the links I got it to partly work but then sudo to root breaks for the user group. I will keep plugging away at it and see what I can do. Thanks again for the links

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.