How To Restrict SSH Access Only To Specific IPs
For this tutorial we will use Linux's hosts.allow and hosts.deny files, which is pretty straightforward.
Step 1
First we will allow a list of known IPs that should be able to log in over SSH. For that we need to add an entry to the /etc/hosts.allow file, so open it with your favorite editor:
nano /etc/hosts.allow
and add the following line to allow the whitelisted IP blocks to reach your public SSH service:
sshd: 10.83.33.77/32, 10.63.152.9/32, 10.12.100.11/28, 10.82.192.0/28
This line allows every IP block in the comma-separated list to connect to your SSH port.
Note: double-check the IP addresses, or you will lock yourself out of SSH.
Step 2
Open the /etc/hosts.deny file using your favorite text editor:
vi /etc/hosts.deny
and add the following line to deny all other SSH connections to your public SSH port:
sshd: ALL
This line blocks all incoming SSH requests on your SSH port, except those from the addresses listed in /etc/hosts.allow, which is checked first.
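An added example, not part of the original tutorial: a pre-flight check of the two lines above that flags malformed entries and reports whether a given client IP would still get in, so you can test your own address before closing your current session. It models only IP/CIDR entries and ALL (real hosts_access syntax has more pattern types) and treats an entry with host bits set as unconfirmed. It assumes sshd is built with TCP wrappers (libwrap) support and that your build accepts CIDR notation.

```python
import ipaddress

def parse_rule(line):
    """Split 'daemon: client, client' into (daemon, [client patterns])."""
    daemon, _, clients = line.partition(":")
    return daemon.strip(), [c.strip() for c in clients.split(",") if c.strip()]

def lint_entries(entries):
    """Return {entry: problem} for entries that are not clean CIDR blocks."""
    problems = {}
    for entry in entries:
        if entry.upper() == "ALL":
            continue
        try:
            ipaddress.ip_network(entry, strict=True)
        except ValueError:
            try:
                net = ipaddress.ip_network(entry, strict=False)
                problems[entry] = f"host bits set; the enclosing block is {net}"
            except ValueError:
                problems[entry] = "not an IP address or CIDR block"
    return problems

def matches(entries, client_ip):
    """True if client_ip is inside a cleanly specified entry (or ALL)."""
    ip = ipaddress.ip_address(client_ip)
    bad = lint_entries(entries)
    for entry in entries:
        if entry.upper() == "ALL":
            return True
        # Assumption: a flagged entry is not counted as a match, so the
        # check errs toward "you may be locked out".
        if entry not in bad and ip in ipaddress.ip_network(entry):
            return True
    return False

def ssh_allowed(allow_line, deny_line, client_ip, daemon="sshd"):
    """hosts.allow is consulted first, then hosts.deny; no match means allow."""
    for line, verdict in ((allow_line, True), (deny_line, False)):
        name, entries = parse_rule(line)
        if name == daemon and matches(entries, client_ip):
            return verdict
    return True

ALLOW = "sshd: 10.83.33.77/32, 10.63.152.9/32, 10.12.100.11/28, 10.82.192.0/28"
DENY = "sshd: ALL"

if __name__ == "__main__":
    print(lint_entries(parse_rule(ALLOW)[1]))
    for ip in ("10.83.33.77", "10.82.192.14", "10.12.100.5", "203.0.113.9"):
        print(ip, "allowed" if ssh_allowed(ALLOW, DENY, ip) else "denied")
```

The third entry in the tutorial's list, 10.12.100.11/28, is reported because it is not on a /28 boundary; decide whether you meant the single host (/32) or the whole block before relying on it.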
Regards,
Kon Belieu
Partner