{"id":110,"date":"2022-12-30T22:02:53","date_gmt":"2022-12-30T22:02:53","guid":{"rendered":"https:\/\/smartserverhost.com\/blog\/?p=110"},"modified":"2022-12-30T22:05:22","modified_gmt":"2022-12-30T22:05:22","slug":"how-to-restrict-ssh-access-only-to-specific-ips","status":"publish","type":"post","link":"https:\/\/smartserverhost.com\/blog\/how-to-restrict-ssh-access-only-to-specific-ips\/","title":{"rendered":"How to restrict SSH access only to specific IPs"},"content":{"rendered":"\n

Introduction<\/strong><\/p>\n\n\n\n

Once your IP is public it gets attention from so many bots on the internet that do brute force and dictionary attacks to \u201cguess\u201d your passwords so it is always best to lock SSH access<\/a> to a list of your trusted static IPs (such as your companies VPN IPs<\/p>\n\n\n\n

For this tutorial, we will use Linux\u2019s host. allow and host. deny file which is pretty straight forward<\/p>\n\n\n\n

Step 1<\/strong>– Now we will allow a list of known IPs who should be able to login to SSH. For that we need to add an entry to\u00a0\/etc\/hosts. allow file, so we go ahead and open it again with your favorite editor?<\/p>\n\n\n\n

vi \/etc\/hosts.allow<\/pre>\n\n\n\n
and add the following lines to allow the whitelisted IP blocks to your public SSH.<\/p>\n\n\n\n
sshd: 10.83.33.77\/32, 10.63.152.9\/32, 10.12.100.11\/28, 10.82.192.0\/28<\/pre>\n\n\n\n
This line will allow all the comma-separated IP blocks to your SSH port<\/p>\n\n\n\n
Note: make sure you double-check the IP addresses, or you will be blocked by SSH<\/a><\/p>\n\n\n\n
Step 2<\/strong>– Open up\u00a0\/etc\/hosts.allow files using your favorite text editor<\/p>\n\n\n\n
vi \/etc\/hosts.deny<\/pre>\n\n\n\n
and add the following lines to deny all SSH connections to your public SSH port<\/p>\n\n\n\n
sshd: ALL<\/pre>\n\n\n\n
This code will block all incoming SSH requests on your SSH port<\/mark><\/p>\n\n\n\n
Conclusion<\/strong>– That\u2019s it. This will protect you from brute force attacks and messages like \u201cThere was 9999 failed login attempt since the last successful login.\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"
Introduction Once your IP is public it gets attention from so many bots on the internet that do brute force and dictionary attacks to \u201cguess\u201d your passwords so it is always best to lock SSH access to a list of<\/p>\n","protected":false},"author":1,"featured_media":111,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-110","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"yoast_head":"\nHow to restrict SSH access only to specific IPs - SmartServerHost<\/title>\n<meta name=\"description\" content=\"Once your IP is public it gets attention from so many bots on the internet that do brute force and dictionary attacks to \u201cguess\u201d your\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/smartserverhost.com\/blog\/how-to-restrict-ssh-access-only-to-specific-ips\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to restrict SSH access only to specific IPs - SmartServerHost\" \/>\n<meta property=\"og:description\" content=\"Once your IP is public it gets attention from so many bots on the internet that do brute force and dictionary attacks to \u201cguess\u201d your\" \/>\n<meta property=\"og:url\" content=\"https:\/\/smartserverhost.com\/blog\/how-to-restrict-ssh-access-only-to-specific-ips\/\" \/>\n<meta property=\"og:site_name\" content=\"SmartServerHost\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/smartserverhost\" \/>\n<meta property=\"article:published_time\" content=\"2022-12-30T22:02:53+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-12-30T22:05:22+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/smartserverhost.com\/blog\/wp-content\/uploads\/2022\/12\/ssh-client-and-server.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"810\" \/>\n\t<meta property=\"og:image:height\" content=\"420\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Adam\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@smartserverhost\" \/>\n<meta name=\"twitter:site\" content=\"@smartserverhost\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Adam\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/smartserverhost.com\\\/blog\\\/how-to-restrict-ssh-access-only-to-specific-ips\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/smartserverhost.com\\\/blog\\\/how-to-restrict-ssh-access-only-to-specific-ips\\\/\"},\"author\":{\"name\":\"Adam\",\"@id\":\"https:\\\/\\\/smartserverhost.com\\\/blog\\\/#\\\/schema\\\/person\\\/ab21bff2d23cbbfbcd8065b41da2dcc6\"},\"headline\":\"How to restrict SSH access only to specific IPs\",\"datePublished\":\"2022-12-30T22:02:53+00:00\",\"dateModified\":\"2022-12-30T22:05:22+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/smartserverhost.com\\\/blog\\\/how-to-restrict-ssh-access-only-to-specific-ips\\\/\"},\"wordCount\":230,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/smartserverhost.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/smartserverhost.com\\\/blog\\\/how-to-restrict-ssh-access-only-to-specific-ips\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/smartserverhost.com\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/12\\\/ssh-client-and-server.jpg\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/smartserverhost.com\\\/blog\\\/how-to-restrict-ssh-access-only-to-specific-ips\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/smartserverhost.com\\\/blog\\\/how-to-restrict-ssh-access-only-to-specific-ips\\\/\",\"url\":\"https:\\\/\\\/smartserverhost.com\\\/blog\\\/how-to-restrict-ssh-access-only-to-specific-ips\\\/\",\"name\":\"How to restrict SSH access only to specific IPs - SmartServerHost\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/smartserverhost.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/smartserverhost.com\\\/blog\\\/how-to-restrict-ssh-access-only-to-specific-ips\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/smartserverhost.com\\\/blog\\\/how-to-restrict-ssh-access-only-to-specific-ips\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/smartserverhost.com\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/12\\\/ssh-client-and-server.jpg\",\"datePublished\":\"2022-12-30T22:02:53+00:00\",\"dateModified\":\"2022-12-30T22:05:22+00:00\",\"description\":\"Once your IP is public it gets attention from so many bots on the internet that do brute force and dictionary attacks to \u201cguess\u201d your\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/smartserverhost.com\\\/blog\\\/how-to-restrict-ssh-access-only-to-specific-ips\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/smartserverhost.com\\\/blog\\\/how-to-restrict-ssh-access-only-to-specific-ips\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/smartserverhost.com\\\/blog\\\/how-to-restrict-ssh-access-only-to-specific-ips\\\/#primaryimage\",\"url\":\"https:\\\/\\\/smartserverhost.com\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/12\\\/ssh-client-and-server.jpg\",\"contentUrl\":\"https:\\\/\\\/smartserverhost.com\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/12\\\/ssh-client-and-server.jpg\",\"width\":810,\"height\":420,\"caption\":\"How to restrict SSH access only to specific IPs\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/smartserverhost.com\\\/blog\\\/how-to-restrict-ssh-access-only-to-specific-ips\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/smartserverhost.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How to restrict SSH access only to specific IPs\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/smartserverhost.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/smartserverhost.com\\\/blog\\\/\",\"name\":\"SmartServerHost\",\"description\":\"Reliable Network Solutions\",\"publisher\":{\"@id\":\"https:\\\/\\\/smartserverhost.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/smartserverhost.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/smartserverhost.com\\\/blog\\\/#organization\",\"name\":\"SmartServerHost\",\"url\":\"https:\\\/\\\/smartserverhost.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/smartserverhost.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/smartserverhost.com\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/10\\\/cropped-site_logo.webp\",\"contentUrl\":\"https:\\\/\\\/smartserverhost.com\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/10\\\/cropped-site_logo.webp\",\"width\":263,\"height\":50,\"caption\":\"SmartServerHost\"},\"image\":{\"@id\":\"https:\\\/\\\/smartserverhost.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/smartserverhost\",\"https:\\\/\\\/x.com\\\/smartserverhost\",\"https:\\\/\\\/www.instagram.com\\\/smartserverhost\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/smartserverhost.com\\\/blog\\\/#\\\/schema\\\/person\\\/ab21bff2d23cbbfbcd8065b41da2dcc6\",\"name\":\"Adam\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/891734c8740f86e3c3ecdb7f0d3065fc76775a6c3b679c5be1d84a74d8cd3167?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/891734c8740f86e3c3ecdb7f0d3065fc76775a6c3b679c5be1d84a74d8cd3167?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/891734c8740f86e3c3ecdb7f0d3065fc76775a6c3b679c5be1d84a74d8cd3167?s=96&d=mm&r=g\",\"caption\":\"Adam\"},\"sameAs\":[\"https:\\\/\\\/smartserverhost.com\\\/\"],\"url\":\"https:\\\/\\\/smartserverhost.com\\\/blog\\\/author\\\/samar\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"How to restrict SSH access only to specific IPs - SmartServerHost","description":"Once your IP is public it gets attention from so many bots on the internet that do brute force and dictionary attacks to \u201cguess\u201d your","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/smartserverhost.com\/blog\/how-to-restrict-ssh-access-only-to-specific-ips\/","og_locale":"en_US","og_type":"article","og_title":"How to restrict SSH access only to specific IPs - SmartServerHost","og_description":"Once your IP is public it gets attention from so many bots on the internet that do brute force and dictionary attacks to \u201cguess\u201d your","og_url":"https:\/\/smartserverhost.com\/blog\/how-to-restrict-ssh-access-only-to-specific-ips\/","og_site_name":"SmartServerHost","article_publisher":"https:\/\/www.facebook.com\/smartserverhost","article_published_time":"2022-12-30T22:02:53+00:00","article_modified_time":"2022-12-30T22:05:22+00:00","og_image":[{"width":810,"height":420,"url":"https:\/\/smartserverhost.com\/blog\/wp-content\/uploads\/2022\/12\/ssh-client-and-server.jpg","type":"image\/jpeg"}],"author":"Adam","twitter_card":"summary_large_image","twitter_creator":"@smartserverhost","twitter_site":"@smartserverhost","twitter_misc":{"Written by":"Adam","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/smartserverhost.com\/blog\/how-to-restrict-ssh-access-only-to-specific-ips\/#article","isPartOf":{"@id":"https:\/\/smartserverhost.com\/blog\/how-to-restrict-ssh-access-only-to-specific-ips\/"},"author":{"name":"Adam","@id":"https:\/\/smartserverhost.com\/blog\/#\/schema\/person\/ab21bff2d23cbbfbcd8065b41da2dcc6"},"headline":"How to restrict SSH access only to specific IPs","datePublished":"2022-12-30T22:02:53+00:00","dateModified":"2022-12-30T22:05:22+00:00","mainEntityOfPage":{"@id":"https:\/\/smartserverhost.com\/blog\/how-to-restrict-ssh-access-only-to-specific-ips\/"},"wordCount":230,"commentCount":0,"publisher":{"@id":"https:\/\/smartserverhost.com\/blog\/#organization"},"image":{"@id":"https:\/\/smartserverhost.com\/blog\/how-to-restrict-ssh-access-only-to-specific-ips\/#primaryimage"},"thumbnailUrl":"https:\/\/smartserverhost.com\/blog\/wp-content\/uploads\/2022\/12\/ssh-client-and-server.jpg","inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/smartserverhost.com\/blog\/how-to-restrict-ssh-access-only-to-specific-ips\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/smartserverhost.com\/blog\/how-to-restrict-ssh-access-only-to-specific-ips\/","url":"https:\/\/smartserverhost.com\/blog\/how-to-restrict-ssh-access-only-to-specific-ips\/","name":"How to restrict SSH access only to specific IPs - SmartServerHost","isPartOf":{"@id":"https:\/\/smartserverhost.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/smartserverhost.com\/blog\/how-to-restrict-ssh-access-only-to-specific-ips\/#primaryimage"},"image":{"@id":"https:\/\/smartserverhost.com\/blog\/how-to-restrict-ssh-access-only-to-specific-ips\/#primaryimage"},"thumbnailUrl":"https:\/\/smartserverhost.com\/blog\/wp-content\/uploads\/2022\/12\/ssh-client-and-server.jpg","datePublished":"2022-12-30T22:02:53+00:00","dateModified":"2022-12-30T22:05:22+00:00","description":"Once your IP is public it gets attention from so many bots on the internet that do brute force and dictionary attacks to \u201cguess\u201d your","breadcrumb":{"@id":"https:\/\/smartserverhost.com\/blog\/how-to-restrict-ssh-access-only-to-specific-ips\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/smartserverhost.com\/blog\/how-to-restrict-ssh-access-only-to-specific-ips\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/smartserverhost.com\/blog\/how-to-restrict-ssh-access-only-to-specific-ips\/#primaryimage","url":"https:\/\/smartserverhost.com\/blog\/wp-content\/uploads\/2022\/12\/ssh-client-and-server.jpg","contentUrl":"https:\/\/smartserverhost.com\/blog\/wp-content\/uploads\/2022\/12\/ssh-client-and-server.jpg","width":810,"height":420,"caption":"How to restrict SSH access only to specific IPs"},{"@type":"BreadcrumbList","@id":"https:\/\/smartserverhost.com\/blog\/how-to-restrict-ssh-access-only-to-specific-ips\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/smartserverhost.com\/blog\/"},{"@type":"ListItem","position":2,"name":"How to restrict SSH access only to specific IPs"}]},{"@type":"WebSite","@id":"https:\/\/smartserverhost.com\/blog\/#website","url":"https:\/\/smartserverhost.com\/blog\/","name":"SmartServerHost","description":"Reliable Network Solutions","publisher":{"@id":"https:\/\/smartserverhost.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/smartserverhost.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/smartserverhost.com\/blog\/#organization","name":"SmartServerHost","url":"https:\/\/smartserverhost.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/smartserverhost.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/smartserverhost.com\/blog\/wp-content\/uploads\/2022\/10\/cropped-site_logo.webp","contentUrl":"https:\/\/smartserverhost.com\/blog\/wp-content\/uploads\/2022\/10\/cropped-site_logo.webp","width":263,"height":50,"caption":"SmartServerHost"},"image":{"@id":"https:\/\/smartserverhost.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/smartserverhost","https:\/\/x.com\/smartserverhost","https:\/\/www.instagram.com\/smartserverhost\/"]},{"@type":"Person","@id":"https:\/\/smartserverhost.com\/blog\/#\/schema\/person\/ab21bff2d23cbbfbcd8065b41da2dcc6","name":"Adam","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/891734c8740f86e3c3ecdb7f0d3065fc76775a6c3b679c5be1d84a74d8cd3167?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/891734c8740f86e3c3ecdb7f0d3065fc76775a6c3b679c5be1d84a74d8cd3167?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/891734c8740f86e3c3ecdb7f0d3065fc76775a6c3b679c5be1d84a74d8cd3167?s=96&d=mm&r=g","caption":"Adam"},"sameAs":["https:\/\/smartserverhost.com\/"],"url":"https:\/\/smartserverhost.com\/blog\/author\/samar\/"}]}},"_links":{"self":[{"href":"https:\/\/smartserverhost.com\/blog\/wp-json\/wp\/v2\/posts\/110","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/smartserverhost.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/smartserverhost.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/smartserverhost.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/smartserverhost.com\/blog\/wp-json\/wp\/v2\/comments?post=110"}],"version-history":[{"count":0,"href":"https:\/\/smartserverhost.com\/blog\/wp-json\/wp\/v2\/posts\/110\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/smartserverhost.com\/blog\/wp-json\/wp\/v2\/media\/111"}],"wp:attachment":[{"href":"https:\/\/smartserverhost.com\/blog\/wp-json\/wp\/v2\/media?parent=110"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/smartserverhost.com\/blog\/wp-json\/wp\/v2\/categories?post=110"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/smartserverhost.com\/blog\/wp-json\/wp\/v2\/tags?post=110"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}