Hacker News new | past | comments | ask | show | jobs | submit login

Do you have any resources on how to allow ssh access from certain IP ranges? I can't find anything useful on this topic.



LAN IPs or WAN IPs?

If you're using public/private keys you can use the "from" option for the keys. But it's not fool proof.


iptables, ufw, Security Groups (if you’re on AWS). There is a lot of ways to it.


There isn’t lots of ways to do it; there’s just the one: firewall rules. There just happens to be lots of different types of filewalls.

If you want to get clever then you can enable port knocking but my personal preference is just good old fashioned whitelist of IPs with fail2ban running ready to auto-blacklist any of those IPs that have too many failed login attempts in a given period of time.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: