Server Administration Help - Limit SSH to a specific IP only
Do not do this if your connection is not a static one as it will lock you out from your machine and you will then need to be down with your server physsically to re-do the configuration.
This edits the hosts.deny and hosts.allow scripts and makes it only available for one specific IP to access SSH. This can be done for other services on your server as well.
First open /etc/hosts.allow
It is critical that you first place these lines in the hosts.allow file first
sshd: 111.222.333.444 : ALLOW
sshd: xxx.xxx.xxx.xxx : ALLOW
sshd: abc.xyz.123.456 : ALLOW
You can add as much allowable IPs as possible.
Next you will close SSH to all other IPs.
Open /etc/hosts.deny and insert the following
sshd: ALL : DENY
That will lock SSH from all other IP addresses.
Caution!
Before you close your console, open a new one and make sure that you can log into your server with the specified IP before logging yourself out.
Back to FaQ Section
|
|
