How to limit SSH-Access to IP

September 9, 2015 1.6k views
Security Networking

Hi there

I'm using Ubuntu 14x and due to security, I'd like to limit ssh connections to just my VPN (OpenVPN) address.

How to proceed? I found many ways, but AllowUsers root@ip didn't do the job.


3 Answers

Configure your Firewall, (iptables or ufw) to reject connections on your SSH Port unless from that specific IP Address.
Using something like the below:
iptables -I INPUT -p tcp ! -s <permittedIP> -j DROP


Thank you very much.

That means

iptables -I INPUT -p tcp ! -s --dport 22 -j DROP

will protect my server on port 22 and ssh will only be allowed through this ip?


  • That's correct. Any TCP connections to port 22 (SSH) that are not originating from the IP address are simply ignored and not passed to the SSH daemon at all.

Have another answer? Share your knowledge.