Limit Shell Access by IP address
Limit ssh access by IP address linux ssh
To limit ssh access to a linux box based on originating IP address, edit /etc/hosts.allow:
sshd : localhost : allow sshd : 192.168.0. : allow sshd : 188.8.131.52 : allow sshd : mydomain.net : allow sshd : ALL : deny
The above entry will allow ssh access from localhost, the 192.168.0.x subnet, the single IP address 184.108.40.206, and mydomain.net (assuming mydomain.net has a ptr record in place to facilitate reverse lookup). All other IP addresses will be denied access to sshd.
You can allow or deny based on ip address, subnet, or hostname. List rules in order of most to least specific. The file only gets read until a matching line is found, so if you start with ssdh : ALL : deny, no ssh connections will be allowed.