Allow certain IP addresses to SSH

Question

I want to allow only a few IP addresses for making SSH connection. I'm using CentOS 7 with firewalld and OpenSSH SSH client.

How can I achieve this?

I tried placing the IP's in the SSH config file: "/etc/ssh/sshd_config" with ListenAddress. I also searched for commando's like: firewall-cmd --remove-service=ssh firewall-cmd --add-rich-rule="rule family="ipv4" source address="xx.xx.xx.xx" service name="ssh" accept" I want to know for sure that it's works, because remove-service sounds scary. — Jeroen Steen, Jun 06 '15 at 14:06
With all due respect, please do research before making changes like this. ListenAddress has absolutely nothing to do with what you want to accomplish. As mentioned below, you need to research firewalls and iptables. — EEAA, Jun 06 '15 at 14:47

score 1 · Answer 1 · answered Jun 06 '15 at 13:44

1

you can achieve by reading following:

man firewall-cmd (firewall-cmd - firewalld command line client)
man iptables (iptables/ip6tables — administration tool for IPv4/IPv6 packet filtering and NAT)

answered Jun 06 '15 at 13:44

alexus

1

Did you consider using `Match` in `sshd_config` to achieve this? – kasperd Jun 07 '15 at 07:55

1 Answers1