RHEL5 restrict ssh connections

Latest response

Working on setting up some RHEL 5 nodes that are running openssh4.3 to allow certain users from specific subnet and allow all others in.
I have done this on my RHEL 6 and 7 using Match in the sshd_config.
Similiar to this
RHEL 7 - sshd_config
Match Address xx.xxx.xxx.0/24
AllowGroups unix_admins unix_admins
Match Address *,!xx.xxx.xxx.0/24
AllowGroups secscan ops

RHEL 6 - sshd_config
Match Group unix_admins Address xx.xxx.xxx.0/24
Match Group secscan,ops@oriental.com Address *,!xx.xxx.xxx.0/24

I can't seem to find anything on RHEL5 on how to set something up similar. I also tried adding in the /etc/security/access.conf with no luck. I have spent 1.5 days searching for anything that might work. Any help appreciated.

Thanks

Responses

Hi James,

access.conf should work on RHEL 5. See Red Hat's reference:

https://access.redhat.com/solutions/1300373

For user access, PAM pam_listfile.so is another way to go. Check this link:

https://www.linuxquestions.org/questions/linux-enterprise-47/using-pam_listfile-so-to-limit-ssh-access-in-rhel-5-a-670595/

And /etc/hosts.allow should be possible to use for limiting access by subnet or IP address.

Regards,

Dusan Baljevic (amateur radio VK2COT)

Thanks for the links I got it to partly work but then sudo to root breaks for the user group. I will keep plugging away at it and see what I can do. Thanks again for the links

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.