Re: Limiting ssh access: by MAC Address?

To: Tom Browder <tom.browder@gmail.com>
Cc: Debian Users ML <debian-user@lists.debian.org>
Subject: Re: Limiting ssh access: by MAC Address?
From: Dan Ritter <dsr@randomstring.org>
Date: Tue, 3 Jan 2023 17:30:48 -0500
Message-id: <[🔎] 20230103223048.tnlzw3djirouybew@randomstring.org>
In-reply-to: <[🔎] CAFMGiz9aMc+7u0pyx8nJvURJBABh2DJ4bhqNxqCDPph5An95GA@mail.gmail.com>
References: <[🔎] CAFMGiz9aMc+7u0pyx8nJvURJBABh2DJ4bhqNxqCDPph5An95GA@mail.gmail.com>

Tom Browder wrote: 
> Is it possible to use UFW to limit ssh access to a server by an external
> host by its MAC address?
> 
> I now have a permanent IPv4 address for my home IP router and would like to
> access my home server from my laptop when away from home, but allow no
> other external access. Is that possible?

Not via MAC address, no. MAC addresses are only visible inside a
local area network, and disappear when routing happens to a new
network.

You should use an SSH public/private key, that you have tested
before you leave, and you should use something like this in your
sshd config:

allow_users tomb

which will narrow the range of acceptable users (before any
other user auth happens) to just people who know your username.

-dsr-

Reply to:

Follow-Ups:
- Re: Limiting ssh access: by MAC Address?
  - From: Tim Woodall <debianuser@woodall.me.uk>
- Re: Limiting ssh access: by MAC Address?
  - From: Joe <joe@jretrading.com>

References:
- Limiting ssh access: by MAC Address?
  - From: Tom Browder <tom.browder@gmail.com>

Prev by Date: Re: Limiting ssh access: by MAC Address?
Next by Date: Re: Limiting ssh access: by MAC Address?
Previous by thread: Re: Limiting ssh access: by MAC Address?
Next by thread: Re: Limiting ssh access: by MAC Address?
Index(es):
- Date
- Thread