Tera Term / Telnet Question...


360
06-14-2001, 07:00 PM
I am running RH7, logging in with Tera Term SSH. I would like to limit this type of access to my static IP address and not allow any other IPs to log in.

Can I edit a file like I did with /etc/ftpaccess that will only allow the ip address in that file to log in?

Exactly how can I do this? Please be specific.

Thanks,
Gene

webbcite
06-14-2001, 07:24 PM
What I did was to change my hosts.deny and hosts.allow to only allow connection from specific IPs.

Deny everyone...then specify who you want to allow from there.

Hope that helps. If not, searching Google for hosts.deny brought back a lot of good info.

Here is one http://www.userlocal.com/securinginetdetc.shtml

Craig McPherson
06-14-2001, 08:04 PM
Yeah, that'll work.. as long as you're running sshd through a superserver rather than a standalone daemon. I have no idea if sshd as a standalone daemon will bother checking hosts.allow and hosts.deny.

A better, more comprehensive solution would be to block connections at your firewall. That's what I'd do if I wanted to do this.

However... what are you so concerned about? If you're using password authentication, it would take an attacker probably at least a few months to break in, and surely you'd notice the attacks in your log files and do something about it by then. If you're using RSA or DSA authentication, it would take longer than the lifetime of the attacker or, if the key is sufficiently large enough, longer than the lifetime of the universe itself. What if you're at somebody else's house and you want to SSH to your home box someday? Do you really want to shut out that option out of paranoia?

WilliamWallace
06-14-2001, 09:07 PM
take my word for it...craig is right...i was going to do the same thing with the hosts files....it's better to just secure your box than to limit its capabilities out of fear.

360
06-15-2001, 12:49 AM
I edited the files: allow and deny with success but now I can't access my pop3 email.
I tried the entry for allow:
110: <my ip>
and
110: ALL
But it did not work.
Any Ideas?
Thanks

Craig McPherson
06-15-2001, 01:09 AM
Correct me if I'm wrong, but I don't think hosts.allow and hosts.deny take port numbers. Generally, you specify the name of the daemon program. If your POP3 daemon is "in.solid-pop3d", then that's what you'd use in the hosts.allow.
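
An added example, not part of any post in this thread: a shell check for the mistake discussed in the last two posts, flagging hosts.allow / hosts.deny rules whose daemon field is a port number such as 110. The sample rules, the 192.0.2.x addresses, the 995 entry and the function names are constructed for illustration.

```shell
#!/bin/sh
# hosts_access(5) rules have the form:  daemon_list : client_list [: option]
# daemon_list holds process names (or wildcards such as ALL), never port numbers.

# Reads rules on stdin; prints one line per numeric daemon token.
lint_hosts_access() {
    awk '
    {
        if (buf == "") start = NR            # first physical line of this rule
        buf = buf $0
        if (buf ~ /\\$/) {                   # trailing backslash: rule continues
            sub(/\\$/, " ", buf)
            next
        }
        rule = buf; buf = ""
        if (rule ~ /^[ \t]*#/ || rule ~ /^[ \t]*$/) next   # comment or blank
        n = index(rule, ":")
        if (n == 0) next                     # not a rule line
        list = substr(rule, 1, n - 1)        # daemon_list = text before first colon
        gsub(/,/, " ", list)                 # entries may be comma or blank separated
        cnt = split(list, tok, /[ \t]+/)
        for (i = 1; i <= cnt; i++)
            if (tok[i] ~ /^[0-9]+$/)
                printf "line %d: daemon field \"%s\" is a port number, not a process name\n", start, tok[i]
    }'
}

# Constructed sample rules (not taken from the poster's server).
sample_rules() {
    cat <<'EOF'
# constructed hosts.allow sample
sshd: 192.0.2.10, \
      192.0.2.11
110: 192.0.2.10
110: ALL
in.solid-pop3d, 995: 192.0.2.10
in.solid-pop3d: 192.0.2.10
EOF
}

sample_rules | lint_hosts_access
```

On a real system the function would be fed the actual files, for example `lint_hosts_access < /etc/hosts.allow`.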