Page 1 of 1

hosts.allow and hosts.deny

Posted: Fri Oct 31, 2014 10:01 pm
by lazarus78
I am trying to up the security on my raspberries, and one thing that I came across were the allow and deny hosts files. Ive played with them a little bit, but for the life of me, I cant seem to get exactly what I want.

Basically I want to limit any and all connections to the raspberry, except for 2 computers (10.2.0.200 and 10.2.2.196) from which I ssh to the raspberries. The best I was able to do was allow one IP to connect, but I can't quite figure out the syntax for a second one. It appears the deny list is evaluated in such a way that the allow list is over ruled or overlooked all together.

In shory, the only thing I could come up with that worked was this:

Code: Select all

sshd: ALL EXCEPT 10.2.2.196
Alas, for obvious reasons, it will only allow the one connection.

Anyone able to help me on this? Layman's terms appreciated.

Re: hosts.allow and hosts.deny

Posted: Fri Oct 31, 2014 10:42 pm
by lazarus78
And as always, as soon as I post this, I figure it out.

It reads down the list, so if I put the allows first then the deny all, I can get the allowances I wish.

Problem solved.