I haven't heard of an sshd option "Hosts". If that's supposed to restrict the hosts which are allowed to connect (or your "*" meaning all of them), there is the entry "ListenAddress" (defaults to 0.0.0.0, meaning no restriction). In addition, you should get a sshd which honors the /etc/hosts.allow/deny entries. Finally, that restricting business is nice to keep the inherently good guys out but better done with a firewall which usually also helps against the bad guys. There were numerous sshd exploits which require, obvioulsy, that your connection reaches sshd in the first place, while a firewall prevents already that.
If you are still confused, post a few version numbers, sshd config files, and you will be helped.
mlp
|