Home > System Tutorial > LINUX > CentOS SSH login restricts IP and users

CentOS SSH login restricts IP and users

王林
Release: 2024-01-14 15:18:05
forward
1363 people have browsed it

Set SSH under CentOS to only allow specific users to log in from specific IPs, and other unauthorized users and IPs cannot log in.

Demo environment

192.168.1.81:CentOS 6

192.168.0.222:Win 10

192.168.1.135:Win 8.1

Without any settings, both 192.168.0.222 and 192.168.1.135 can log in to 192.168.1.81.
192.168.0.222
CentOS 下SSH限制IP和用户登录
192.168.1.135
CentOS 下SSH限制IP和用户登录

Example 1: Only 192.168.0.222 is allowed to log in to 192.168.1.81

# vim /etc/hosts.allowAdd the last line:
sshd:192.168.0.222:allow //Multiple IPs can be written in multiple lines in this format
# vim /etc/hosts.denyAdd the last line:
sshd:ALL //Except the IPs allowed to log in above, all other IPs are denied login<br> # service sshd restart
192.168.0.222 can log in normally
CentOS 下SSH限制IP和用户登录
192.168.1.135 cannot log in normally
CentOS 下SSH限制IP和用户登录

Example 2: Only hosts in the 192.168.1 network segment are allowed to log in to 192.168.1.81

# vim /etc/hosts.allowAdd the last line
sshd:192.168.1.*:allow

# vim /etc/hosts.denyAdd the last line:
sshd:ALL

# service sshd restart
192.168.0.222 cannot log in normally
CentOS 下SSH限制IP和用户登录
192.168.1.135 can log in normally
CentOS 下SSH限制IP和用户登录

Example 3: Only allow 192.168.0.222 to log in as the keyso user and 192.168.1.135 to log in to 192.168.1.81 as the root user

# vim /etc/ssh/sshd_configAdd the last line
AllowUsers [email protected] [email protected] //Use spaces to separate multiple usernames@IP

# service sshd restart
192.168.0.222 cannot log in normally as the default root user
CentOS 下SSH限制IP和用户登录
192.168.0.222 Can log in normally as keyso user
CentOS 下SSH限制IP和用户登录
192.168.1.135 You can log in normally as the default root user
CentOS 下SSH限制IP和用户登录

The above is the detailed content of CentOS SSH login restricts IP and users. For more information, please follow other related articles on the PHP Chinese website!

source:linuxprobe.com
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template