HOWTO: Allow SSH logins from Anywhere
I, like many people, access my servers, and in fact, almost every other computer in my house, through SSH.
I’ve previously set up the correct port forwarding to port 22, and installed and configured ddclient on my server, in order to be able to SSH into it from a dyndns.org web address.
One thing I forgot however, is to allow SSH logins from unknown IP addresses.
To do this, edit /etc/hosts.allow and add;
sshd : ALL : allow
That will allow any IP address to connect to your server, which is a slightly dangerous thing. You can also list specific IP addresses or ranges to allow, and block all others;
#Allow the xx.xx.xx.0 range sshd : xx.xx.xx. : allow #Allow specific IP sshd : xx.xx.xx.xx : allow #Allow localhost sshd : localhost : allow # Deny all others sshd : ALL : deny
Note that the order is important, if the ALL : deny is at the beginning, it’ll ignore everything after it, and just block everyone.
Filed under: HowTo, Server |
Tags: Server, SSH