From the course: Linux System Engineer: Networking and SSH
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Restricting SSH logins by user and network
From the course: Linux System Engineer: Networking and SSH
Restricting SSH logins by user and network
- [Narrator] Restricting root logins is easy but we might want to go further than that and restrict which users can log in and from where. It doesn't matter which VM you do this on, I'll be using rhhost1. We can restrict SSH so it will only answer requests from specific networks by using the listen address option in the sshd_config file. Let me show you what that looks like. Let's edit the sshd_config file using VI. Type in sudo vi /etc/ssh/sshd_config and hit enter. Type in your password. Let's go into insert mode by pressing i. Near the top is a line that says listen address. To restrict to a certain network, we would remove the preceding hash and change the value to our local network. In my case the local network is 192.168.0.0. Another way to restrict access is by using the allow users option. There are no allow users lines in the default file so we'll have to add it. I like to add options like this to the bottom so I can find them easy later. Press escape to exit insert mode, and…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.