Yesterday, I whitelisted my computer’s IPv6 address for SSH into my Droplets. Today, my computer has a different IPv6 address. The first 64 bits are the same (“network part”?) and the last 64 bits have changed (“host part”?).
I have two questions:
- Given my IP address or information available on my router, is it possible to tell the range of IP addresses any host on my home network might be assigned?
- Given that range, can I whitelist it in Cloud Firewall?
Thank you.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Hey there! You can restrict access by IP address, subnets, or CIDR ranges on your DigitalOcean Cloud Firewall.
Your IP range will vary as your ISP can often change your address. Sites like whatismyipaddress.com will often give you some details about your current network, but I wouldn’t recommend restricting SSH to a range of dynamic IP addresses.
Instead, it’s better practice to login in to your Droplet using SSH keys for a non-root user with sudo privileges, and have root login disabled. We have a guide which discusses this further here https://www.digitalocean.com/community/tutorials/how-to-set-up-ssh-keys-on-ubuntu-1804
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.