Lockdown SSH with TCPWrappers: Difference between revisions
Docs admin (talk | contribs) Created page with "To ensure SSH access is not lost during this process you will need to add your IP to the allow list. Access the server via command line Edit the file <syntaxhighlight lang=..." |
Docs admin (talk | contribs) m Docs admin moved page Lockdown SSH with TCPWrappers (CentOS to Lockdown SSH with TCPWrappers |
(No difference)
| |
Latest revision as of 14:02, 22 July 2015
To ensure SSH access is not lost during this process you will need to add your IP to the allow list.
Access the server via command line
Edit the file <syntaxhighlight lang="bash">/etc/hosts.allow</syntaxhighlight>
After the comment lines add <syntaxhighlight lang="bash">sshd : YOURIP</syntaxhighlight>So for example if your IP is 198.198.198.198, The line should look like this <syntaxhighlight lang="bash">sshd : 198.198.198.198</syntaxhighlight>
After you have added your IP to the allow list you can block other SSH access to the server.
Edit the file <syntaxhighlight lang="bash">/etc/hosts.deny</syntaxhighlight>
After the comment lines in this file add<syntaxhighlight lang="bash">sshd : all</syntaxhighlight>
SSH access should then be restricted to only your IP.
You can confirm the restriction is in place by attempting to SSH from any other host.