Reading the doc for how to allow Droplet Console to access a droplet, it only mentions allowing ssh through. Currenly, the attempt just times out. I would REALLY prefer not to open SSH up to the world. Which IPs do I need to allow ssh access?
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
I some additional research on this topic. While we don’t know which IP’s to allow for the droplet console, you can still limit the IP’s safely.
Why? DO offers a recovery console that acts like a direct attached keyboard and mouse. So you can restrict IP access to your ssh server, and even if you mess up and block yourself from connecting, you can still use the recovery console to regain access.
Please mark this comment as the answer to this thread.
I have this question, too. I run a VPN on my droplets, so I only want ssh access via the VPN network. But I want to allow Web console to work in case I lock myself out.
I logged into my Droplet today using the Web console and the IP shows as “162.243.188.66” , but there could be more IP addresses that need to be allowed.
You’d think DO would share this IP address list or range with their users in the interests of security.
Hi @solitaryr,
Regarding the Web Console, you shouldn’t be having issues or needing to allow anything on the Droplet.
Having said that, unless you’ve changed anything in the /etc/ssh/sshd_config file, your Droplet can be accessed only by the Web Console or with SSH key so opening the port 22 shouldn’t be a problem.
Additionally, you can allow port 22 only for your IP address and use PuTty to do so.