Allow SSH for specific IP Address and block all others<\/p>\n\n\n\n
SSHD will first check \/etc\/hosts.allow for entries. If there is no rule in \/etc\/hosts.allow which fits SSHD will go on checking \/etc\/hosts.deny for rules.<\/p>\n\n\n\n
So you need to add:<\/p>\n\n\n\n
vim \/etc\/hosts.deny<\/p>\n\n\n\n
sshd: ALL EXCEPT LOCAL<\/em><\/p>\n\n\n\n To block every SSH connection, except localhost, which is not in \/etc\/hosts.allow.<\/p>\n\n\n\n vim \/etc\/hosts.allow<\/p>\n\n\n\n sshd: 192.168.178.10<\/em><\/p>\n\n\n\n sshd: 192.168.178.11<\/em><\/p>\n\n\n\n sshd: 192.168.178.10\/255.255.255.0<\/em><\/p>\n\n\n\n To allow specific IPs. Last rule is an example for an IP range.<\/p>\n\n\n\n However using \/etc\/hosts.allow and \/etc\/hosts.deny is not the recommended method to allow SSH only for a few IPs. You should consider using iptables for that job.<\/p>\n\n\n\n You could allow SSH for a specific IP by using a rule like:<\/p>\n\n\n\n iptables -A INPUT -m state –state NEW,ESTABLISHED,RELATED –source x.x.x.x -p tcp –dport 22 -j ACCEPT<\/em><\/p>\n\n\n\n iptables -A INPUT -m state –state NEW,ESTABLISHED,RELATED -p tcp –dport 22 -j DROP<\/em><\/p>\n","protected":false},"excerpt":{"rendered":" Allow SSH for specific IP Address and block all others Solution 1: Using \/etc\/hosts.allow And \/etc\/hosts.deny File SSHD will first check \/etc\/hosts.allow for entries. If there is no rule in \/etc\/hosts.allow which fits SSHD will go on checking \/etc\/hosts.deny for rules. So you need to add: vim \/etc\/hosts.deny sshd: ALL EXCEPT LOCAL To block every Read More<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_bbp_topic_count":0,"_bbp_reply_count":0,"_bbp_total_topic_count":0,"_bbp_total_reply_count":0,"_bbp_voice_count":0,"_bbp_anonymous_reply_count":0,"_bbp_topic_count_hidden":0,"_bbp_reply_count_hidden":0,"_bbp_forum_subforum_count":0,"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[5],"tags":[],"class_list":["post-348","post","type-post","status-publish","format-standard","hentry","category-linux"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/SUMMALAI.COM\/index.php?rest_route=\/wp\/v2\/posts\/348","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/SUMMALAI.COM\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/SUMMALAI.COM\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/SUMMALAI.COM\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/SUMMALAI.COM\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=348"}],"version-history":[{"count":0,"href":"https:\/\/SUMMALAI.COM\/index.php?rest_route=\/wp\/v2\/posts\/348\/revisions"}],"wp:attachment":[{"href":"https:\/\/SUMMALAI.COM\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=348"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/SUMMALAI.COM\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=348"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/SUMMALAI.COM\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=348"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}Solution 2:<\/h1>\n\n\n\n
Using iptables<\/h1>\n\n\n\n