misc/187307: Security vulnerability with FreeBSD Jail
Scot Hetzel
swhetzel at gmail.com
Thu Mar 6 00:43:28 UTC 2014
On Wed, Mar 5, 2014 at 5:39 PM, Xin Li <delphij at delphij.net> wrote:
> So the solution would be to change your configuration such that:
>
:
> 2) Do not make host's sshd to listen on all addresses, instead, only
> listen to the designated host IP address. This is not a security
> measure but avoids confusion.
>
You will want to change the hosts sshd_config to only listen on the
10.0.0.100 address:
ListenAddress 10.0.0.100
If the host needs to listen on multiple addresses, just add another
ListenAddress.
http://www.cyberciti.biz/tips/howto-openssh-sshd-listen-multiple-ip-address.html
--
DISCLAIMER:
No electrons were maimed while sending this message. Only slightly bruised.
More information about the freebsd-security
mailing list