Spread the love
How to Restrict SSH Access to Specific IP Addresses - Fedingo

Open SSH to everyone is a security risk. we can change these settings easily in 2 minutes. let’s have quick solution on this.

Open file /etc/hosts.deny with using vi or nano editor.

Command : sudo vi /etc/hosts.deny then add below line to the file.

sshd,sshdfwd-X11 : ALL

it will look like above file. it will disable all ssh request.

After this close this file and open another file named as hosts.allow

Command : sudo vi /etc/hosts.allow

sshd : 192.168.0.0/24 // your ip address or client ip address
sshd : 127.0.0.1
sshd : [::1]

You are done. now you only be able to access the server using the defined ip address in server.

Additionally you can restrict SSH access by username as well.

  1. Open the /etc/ssh/sshd_config file usingg vi
    Command : sudo vi /etc/ssh/sshd_config

    PermitRootLogin no
    AllowUsers      user1 user2 user3 etc
    PasswordAuthentication yes

PermitRootLogin no configuration will disable the root login into the server and AllowUsers  will only allow mentioned usernames.

Leave a Reply