Wednesday, November 3, 2021

Allow and Deny ssh access for host

TCP Wrappers is a host-based networking ACL system, used to filter network access to Internet Protocol servers on operating systems such as Linux.
It allows host or sub-network IP addresses to be used as tokens on which to filter for access control purposes.

In this tutorial we configure host access, using ssh access as the example: how to deny and allow host access in Linux without the help of a firewall.


Step 1) Edit the hosts.allow file with the command below.

$ sudo vim /etc/hosts.allow 

 

Step 2) Write the entries below in the file.

Note:- In this scenario we allow only the selected IPs to access the server;
       all other hosts will not be able to access it.


sshd : 192.168.20.20 : allow
sshd : 192.168.20.21 : allow
sshd : ALL : deny


Step 3) Now check ssh access to the server from one of the selected IPs and from an IP that is not selected.


For your information :-

  •  If you get the error below, it means your network does not have access.


Ubuntu@~$ ssh root@192.168.20.2
ssh_exchange_identification: read: Connection reset by peer


Example entries for some other daemons:


# net/mask form: the part before the slash must be the network address
sshd : 192.168.0.0/255.255.192.0 : allow
sshd : 192.168.60.64 : allow


ftp : 192.168.60.64 : allow
ftp : ALL : deny


postgresql : 192.168.60.64 : allow
postgresql : ALL : deny


27017 : 192.168.60.64 : allow
27017 : LOCAL : allow
27017 : ALL : deny


cpaneld : 192.168.60.64 : allow
cpaneld : ALL : deny
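
The Step 2 rules and the net/mask form used in the examples above depend on two matching details: the first matching line wins, and a net/mask pattern matches only when the client address ANDed with the mask equals the part before the slash. The following is an added example, not part of the original post: a simplified, IPv4-only Python model of that matching (the function names are hypothetical, and an empty hosts.deny is assumed).

```python
import ipaddress

# Step 2 rules from the page; the evaluator below is a simplified, IPv4-only
# model of hosts_access(5) matching, not the libwrap implementation.
HOSTS_ALLOW = """\
sshd : 192.168.20.20 : allow
sshd : 192.168.20.21 : allow
sshd : ALL : deny
"""

def _ip(text):
    return int(ipaddress.IPv4Address(text))

def client_matches(pattern, client_ip, client_name=""):
    """Match one client pattern against a connecting IPv4 address."""
    if pattern == "ALL":
        return True
    if pattern == "LOCAL":            # host name that contains no dot
        return bool(client_name) and "." not in client_name
    if "/" in pattern:                # net/mask: (client AND mask) must equal net
        net, mask = pattern.split("/", 1)
        return (_ip(client_ip) & _ip(mask)) == _ip(net)
    if pattern.endswith("."):         # address prefix such as "192.168.20."
        return client_ip.startswith(pattern)
    return pattern == client_ip       # exact address

def decide(rules_text, daemon, client_ip, client_name=""):
    """Return 'allow' or 'deny' for a connection; the first matching line wins."""
    for raw in rules_text.splitlines():
        fields = [f.strip() for f in raw.strip().split(":")]
        if raw.strip().startswith("#") or len(fields) < 2:
            continue                  # comment, blank or malformed line
        daemons = fields[0].replace(",", " ").split()
        clients = fields[1].replace(",", " ").split()
        option = fields[2].lower() if len(fields) > 2 else "allow"
        if daemon not in daemons and "ALL" not in daemons:
            continue
        if any(client_matches(p, client_ip, client_name) for p in clients):
            return option
    return "allow"  # assumption: hosts.deny is empty, so unmatched clients pass

if __name__ == "__main__":
    for ip in ("192.168.20.20", "192.168.20.21", "192.168.20.22"):
        print(ip, decide(HOSTS_ALLOW, "sshd", ip))
    # A host address in front of the mask never matches; the network address does.
    print(client_matches("192.168.20.20/255.255.192.0", "192.168.20.20"))
    print(client_matches("192.168.0.0/255.255.192.0", "192.168.20.20"))
```

Because the first match wins, placing `sshd : ALL : deny` above the allow lines would lock out the selected IPs as well.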


