hosts.allow和hosts.deny配置

有个单机环境限制ssh登录，有多种方式，这里选择了配置hosts.allow和hosts.deny

root@db \~# more /etc/hosts.allow

hosts.allow This file contains access rules which are used to

allow or deny connections to network services that

either use the tcp_wrappers library or that have been

started through a tcp_wrappers-enabled xinetd.

See 'man 5 hosts_options' and 'man 5 hosts_access'

for information on rule syntax.

See 'man tcpd' for information on tcp_wrappers

sshd:172.100.100.56:allow

sshd:172.100.100.57:allow

sshd:172.100.100.42:allow

sshd:172.100.100.43:allow

sshd:172.100.100.46:allow

root@db \~# cat /etc/hosts.deny

hosts.deny This file contains access rules which are used to

deny connections to network services that either use

the tcp_wrappers library or that have been

started through a tcp_wrappers-enabled xinetd.

The rules in this file can also be set up in

/etc/hosts.allow with a 'deny' option instead.

See 'man 5 hosts_options' and 'man 5 hosts_access'

for information on rule syntax.

See 'man tcpd' for information on tcp_wrappers

sshd:all:deny

root@db \~#