Dennie
asked on
Allow access to SSH for certain IPs
Hi,
what is the best way to deny access to ssh for every body except certain IPs. Looking for a way that's the easiest to configure, like editing a single file
Can I use iptables and put all IPs in a file? or hosts.allow? How do I deny access for every body?
what is the best way to deny access to ssh for every body except certain IPs. Looking for a way that's the easiest to configure, like editing a single file
Can I use iptables and put all IPs in a file? or hosts.allow? How do I deny access for every body?
ASKER
what if I want to add 5 more IPs?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Hi, I make by means of firewall or iptables
in shorewall like this
ACCEPT net:XXX.XXX.XXX.XXX $FW tcp ssh
iptables other example
iptables -A INPUT -p tcp -s 192.168.0.0/24 --dport 22 -j ACCEPT
http://wiki.centos.org/HowTos/Network/IPTables
regardss
in shorewall like this
ACCEPT net:XXX.XXX.XXX.XXX $FW tcp ssh
iptables other example
iptables -A INPUT -p tcp -s 192.168.0.0/24 --dport 22 -j ACCEPT
http://wiki.centos.org/HowTos/Network/IPTables
regardss
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
sshd: ALL EXCEPT 192.168.0.2
The above denies all except 192.168.0.2. You don't need a restart as the settings are read once you save the file.