Many times, hackers and bots try to gain access to your system via SSH by using brute force attacks and other methods. This can compromise the security of your system. So it is important to restrict SSH access to specific IP addresses that you trust. In this article, we will look at how to restrict SSH access to specific IP addresses. You can use these steps on almost every Linux distribution.
How to Restrict SSH Access to Specific IP Addresses
Linux provides two files host.allow and host.deny to allow and deny access to SSH port. You simply need to add your trusted IP addresses to host.allow file, and add suspicious IP addresses in host.deny file.
1. Allow SSH Access
Open terminal and run the following command to open host.allow file.
$ sudo vi /etc/host.allow
Add the following line to allow access from ip 54.43.32.12
sshd: 54.43.32.12
If you want to allow access from multiple IP addresses, add them in a comma-separated manner
sshd: 54.43.32.12, 65.54.32.32, 220.234.23.12
If you want to allow access from range of IP addresses use the CIDR notation to allow an IP address range. Here is an example to allow ip address 54.43.32.0-54.43.32.255 and 44.43.32.0-44.43.32.255
sshd: 54.43.32.0/24, 44.43.32.0/24
2. Restrict SSH Access
Similarly, open terminal and run the following command to open host.deny file.
$ sudo vi /etc/host.deny
Add the following line to deny access from ip 44.43.32.12
sshd: 44.43.32.12
If you want to restrict access from multiple IP addresses, add them in a comma-separated manner
sshd: 44.43.32.12, 45.54.32.32, 210.234.23.12
If you want to restrict access from range of IP addresses use the CIDR notation to allow an IP address range. Here is an example to restrict ip address 44.43.32.0-44.43.32.255 and 34.43.32.0-34.43.32.255
sshd: 44.43.32.0/24, 34.43.32.0/24
If you want to block all addresses other than the ones mentioned host.allow file, then add the following line in host.deny file.
sshd: ALL
This will protect your website brute force attacks and other malicious methods used by hackers.
Also read:
How to Find Users Currently Logged in Linux
How to Check Uptime of System in Linux
How to Resize Partition in Ubuntu
How to Update Key in Python Dictionary
How to Search Item in List of Dictionaries in Python
Related posts:
Grep Exclude Word Pattern
How to Fix Permission Denied Error While Using Cat Command
How to Create Startup Disk for Ubuntu
How to Find Largest Files & Directories in Linux
How to Truncate File in Linux
How to Change Default Shell In Linux
How to Reload Bashrc settings Without Logging Out and Back In
How to Enable Screen Sharing in Ubuntu
Sreeram has more than 10 years of experience in web development, Python, Linux, SQL and database programming.