Skip to main content

SSH in the LAN

My preferred protocol to connect networked devices is ssh. That includes local area networks, where even seasoned Linux users (for reasons which escape me, sshfs exists) usually employ smb/cifs.

If you want your ssh server to listen only to its local address (for example, 192.168.178.21), and only to specific users (for example, cobra) and devices (for example, 192.168.178.22) in the local network, add these lines to /etc/ssh/sshd_config:

ListenAddress 192.168.178.21
AllowUsers cobra@192.168.178.22

As usual, I'd also set

PasswordAuthentication no
PermitRootLogin no
StrictModes yes
MaxAuthTries 1
RSAAuthentication no
PubkeyAuthentication yes

In the present case, these settings serve convenience besides security, of course. Entering passwords in our local network on devices physically located in our very home would be, well, silly, to say the least.

Contents © 2018 Cobra · About · Privacy · Powered by Nikola · Creative Commons License BY-NC-SA