How To Restrict SSH Access Only To Specific IPs
How To Restrict SSH Access Only To Specific IPs
For this tutorial we will use Linux’s host.allow and host.deny file which is pretty straight forward
Step 1
Now we will allow a list of known IPs who should be able to login to SSH. For that we need to add an entry to /etc/hosts.allow file, so we go ahead and open it again with your favorite editor ?
nano /etc/hosts.allow
and add the following lines to allow the whitelisted IP blocks to your public SSH.
sshd: 10.83.33.77/32, 10.63.152.9/32, 10.12.100.11/28, 10.82.192.0/28
This line will allow all the comma separated IP blocks to your SSH port
Note: make sure you double check the IP addresses, or you will be blocked by SSH
Step 2
Open up /etc/hosts.allow file using your favorite text editor
vi /etc/hosts.deny
and add the following lines to deny all SSH connections to your public SSH port
sshd: ALL
This code will block all incoming SSH requests on your SSH port
Regards,
Kon Belieu
Partner
4440 Lake Forest Dr., Suite 102B, Cincinnati, OH 45242