[oclug] ssh setup
David F. Skoll
dfs at roaringpenguin.com
Mon Feb 5 14:19:09 EST 2001
On Mon, 5 Feb 2001, Lafleur Maurice wrote:
> But that does not make VNC
> server sessions accessible only through the ssh secure pipe. My goal is to
> force vnc to only acccept sessions connections via the secure pipe. What
> would the proper incantations on the server be?
You can firewall off TCP connections as follows:
# First, put ipchains rules for all the TCP connections you want to ALLOW,
# like SSH, etc. Then:
ipchains -A input -p tcp -y -l -j DENY
This denies all TCP packets with the SYN bit set. This makes it impossible
to establish TCP connections into the machine, but allows outgoing
connections.
--
David.
More information about the OCLUG
mailing list