Open SSH to everyone is a security risk. we can change these settings easily in 2 minutes. let’s have quick solution on this.
Open file /etc/hosts.deny with using vi or nano editor.
Command : sudo vi /etc/hosts.deny then add below line to the file.
sshd,sshdfwd-X11 : ALL
it will look like above file. it will disable all ssh request.
After this close this file and open another file named as hosts.allow
Command : sudo vi /etc/hosts.allow
sshd : 192.168.0.0/24 // your ip address or client ip address sshd : 127.0.0.1 sshd : [::1]
You are done. now you only be able to access the server using the defined ip address in server.
Additionally you can restrict SSH access by username as well.
- Open the /etc/ssh/sshd_config file usingg vi
Command : sudo vi /etc/ssh/sshd_config
PermitRootLogin no
AllowUsers user1 user2 user3 etc
PasswordAuthentication yes
PermitRootLogin no configuration will disable the root login into the server and AllowUsers will only allow mentioned usernames.
