Many times, hackers and bots try to gain access to your system via SSH by using brute force attacks and other methods. This can compromise the security of your system. So it is important to restrict SSH access to specific IP addresses that you trust. In this article, we will look at how to restrict SSH access to specific IP addresses. You can use these steps on almost every Linux distribution.
How to Restrict SSH Access to Specific IP Addresses
Linux provides two files host.allow and host.deny to allow and deny access to SSH port. You simply need to add your trusted IP addresses to host.allow file, and add suspicious IP addresses in host.deny file.
1. Allow SSH Access
Open terminal and run the following command to open host.allow file.
$ sudo vi /etc/host.allow
Add the following line to allow access from ip 54.43.32.12
sshd: 54.43.32.12
If you want to allow access from multiple IP addresses, add them in a comma-separated manner
sshd: 54.43.32.12, 65.54.32.32, 220.234.23.12
If you want to allow access from range of IP addresses use the CIDR notation to allow an IP address range. Here is an example to allow ip address 54.43.32.0-54.43.32.255 and 44.43.32.0-44.43.32.255
sshd: 54.43.32.0/24, 44.43.32.0/24
2. Restrict SSH Access
Similarly, open terminal and run the following command to open host.deny file.
$ sudo vi /etc/host.deny
Add the following line to deny access from ip 44.43.32.12
sshd: 44.43.32.12
If you want to restrict access from multiple IP addresses, add them in a comma-separated manner
sshd: 44.43.32.12, 45.54.32.32, 210.234.23.12
If you want to restrict access from range of IP addresses use the CIDR notation to allow an IP address range. Here is an example to restrict ip address 44.43.32.0-44.43.32.255 and 34.43.32.0-34.43.32.255
sshd: 44.43.32.0/24, 34.43.32.0/24
If you want to block all addresses other than the ones mentioned host.allow file, then add the following line in host.deny file.
sshd: ALL
This will protect your website brute force attacks and other malicious methods used by hackers.
Also read:
How to Find Users Currently Logged in Linux
How to Check Uptime of System in Linux
How to Resize Partition in Ubuntu
How to Update Key in Python Dictionary
How to Search Item in List of Dictionaries in Python
Related posts:
How to Check Supported TLS/SSL Version in Linux
How to Find Files Larger Than 1GB
How to Install RPM Package in Redhat, CentOS
How to Create Nested Directory in Linux with One Command
How to Set JAVA_HOME in Ubuntu
How to Change Mac Address in Linux
How to Delete Folders Older than 7 Days in Ubuntu
How to Give User Access to Folder in Linux
Sreeram has more than 10 years of experience in web development, Python, Linux, SQL and database programming.