mina-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From garima jain <jain.garim...@gmail.com>
Subject Re: Partial Disabling of port 22 using apache-mina SSHD
Date Tue, 21 Jun 2016 06:18:58 GMT
Also, the jars used are sshd-core-0.9.0.jar, sshd-sftp-0.9.0.jar.

-Garima Jain.

On Tue, Jun 21, 2016 at 11:42 AM, garima jain <jain.garima88@gmail.com>
wrote:

> Can I keep the port open for sftp and close for ssh?
>
> -Garima Jain.
>
> On Mon, Jun 20, 2016 at 10:33 PM, garima jain <jain.garima88@gmail.com>
> wrote:
>
>> Thanks. Will use that.
>>
>> -Garima Jain
>> On Jun 20, 2016 10:31 PM, "Ashish" <paliwalashish@gmail.com> wrote:
>>
>>> On Mon, Jun 20, 2016 at 9:43 AM, garima jain <jain.garima88@gmail.com>
>>> wrote:
>>> > Can we use black list/whitelist feature?
>>>
>>> This is what you should use.
>>>
>>> >
>>> > -Garima Jain
>>> > On Jun 20, 2016 10:12 PM, "elijah baley" <e_baley@outlook.com> wrote:
>>> >
>>> >> There are many options - depending on the actual setup:
>>> >> - You can move SSHD to a non-standard port on all interfaces - easy
>>> to do
>>> >> when setting up the server - just call "setPort" on the SshServer
>>> instance-
>>> >> You can bind SSHD to a specific interface (e.g., 127.0.0.1)om port 22
>>> and
>>> >> bind SFTP to the public interface on port 22 - easy to do just call
>>> >> "setAddress" (or something to that effect)  on the SshServer instance
>>> >> I could think of more exotic options - e.g. similar to sslh, using
>>> >> HAPROXY, etc., etc.
>>> >> > From: jain.garima88@gmail.com
>>> >> > Date: Mon, 20 Jun 2016 12:10:26 +0530
>>> >> > Subject: Re: Partial Disabling of port 22 using apache-mina SSHD
>>> >> > To: dev@mina.apache.org
>>> >> >
>>> >> > Hi elijah,
>>> >> >
>>> >> > The requirement is to block port 22 for SSH and accept SFTP
>>> connections
>>> >> on
>>> >> > Port 22. Is there a class/method that can help us achieve the aim?
>>> >> >
>>> >> > -Garima Jain.
>>> >> >
>>> >> > On Fri, Jun 17, 2016 at 3:27 PM, elijah baley <e_baley@outlook.com>
>>> >> wrote:
>>> >> >
>>> >> > > Is there some reason your code cannot examine the incoming
client
>>> >> address
>>> >> > > and reject it if it does not match some specified criteria
(e.g.,
>>> mask,
>>> >> > > network, closed group of IPs - whatever...) ?
>>> >> > >
>>> >> > > > From: jain.garima88@gmail.com
>>> >> > > > Date: Fri, 17 Jun 2016 14:50:51 +0530
>>> >> > > > Subject: Partial Disabling of port 22 using apache-mina
SSHD
>>> >> > > > To: dev@mina.apache.org
>>> >> > > >
>>> >> > > > Hi,
>>> >> > > >
>>> >> > > >
>>> >> > > >
>>> >> > > > We are using com.springsource.org.apache.mina-1.0.2.jar
 in our
>>> >> product.
>>> >> > > > The requirement is to disable port 22 for all incoming
traffic
>>> over
>>> >> SSH
>>> >> > > but
>>> >> > > > the same port is required to communicate with few IP’s
over 22.
>>> Is
>>> >> there
>>> >> > > a
>>> >> > > > way to handle selective port blocking?
>>> >> > > >
>>> >> > > >
>>> >> > > > -Garima Jain.
>>> >> > >
>>> >> > >
>>> >>
>>>
>>>
>>>
>>> --
>>> thanks
>>> ashish
>>>
>>> Blog: http://www.ashishpaliwal.com/blog
>>> My Photo Galleries: http://www.pbase.com/ashishpaliwal
>>>
>>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message