How to Restrict Access to SSH Connections
The Secure Shell (SSH) allows protected, encrypted communication with other systems. As SSH is an entry point into the system, disable it if it is not required. Alternatively, we can make it more secure by restricting its use. To do that edit the /etc/ssh/sshd_config file.
Disable Root Login:
For example, the following setting does not allow root to log in using SSH:
PermitRootLogin noBy default root login is disabled in Linux distros, But if its not you can do the above changes and Restart sshd daemon.
Allow/Deny Users
You can restrict remote access to certain users and groups by specifying the AllowUsers, AllowGroups, DenyUsers, and DenyGroups settings, for example:
DenyUsers carol dan
AllowUsers alice bobAutomatic timeout
The ClientAliveInterval and ClientAliveCountMax settings cause the SSH client to time out automatically after a period of inactivity, for example:
# Disconnect client after 300 seconds of inactivity
ClientAliveCountMax 0
ClientAliveInterval 300After making changes to the configuration file, restart the sshd service for your changes to take effect.
# systemctl restart sshd
About Manas Ranjan Tripathy
No comments