Allow/Deny Access From Selected IP Addresses Or Network Via SSH in Linux: ------------------------------------------------------------------------- Allow/Deny Access Using TCP Wrappers (Works only on RHEL 7): # cat /etc/redhat-release # ip a Check IP Address of other machine from where you want to login. Winodws: # ipconfig Linux: # ifconfig OR # ip a # ssh root@192.168.0.164 # exit # ls -l /etc/hosts.* Edit hosts.deny file to deny the access for selected IP Addresses. # vim /etc/hosts.deny sshd: 192.168.0.198 # ftp: 192.168.0.197 # systemctl restart sshd Go to other machine and test the access, it will not allow you to login using SSH. # ssh root@192.168.0.164 Test access from same machine, it will allow you to login using SSH. # ssh root@localhost # exit Edit hosts.deny file to deny the access for entire network (subnet). # vim /etc/hosts.deny sshd: 192.168.0.0/24 OR sshd: 192.168.0.0/255.255.255.0 OR sshd: 192.168.0.* # systemctl restart sshd Go to other machine and test the access, it will not allow you to login using SSH. # ssh root@192.168.0.164 Test access from same machine, it will allow you to login using SSH. # ssh root@localhost # exit Edit hosts.allow file to allow the access for selected IP Addresses. # vim /etc/hosts.allow sshd: 192.168.0.198 # systemctl restart sshd Go to other machine and test the access, it will not allow you to login using SSH. # ssh root@192.168.0.164 Test access from same machine, it will allow you to login using SSH. # ssh root@localhost # exit ------------------------------------- Allow/Deny Access in For Selected IP Addresses in RHEL 8 Where TCP Wrappers Is Not Supported: # cd /etc/ssh # ls -l # vim sshd_config DenyUsers *@192.168.0.198 # systemctl restart sshd Go to other machine and test the access, it will not allow you to login using SSH. # ssh root@192.168.0.164 Test access from same machine, it will allow you to login using SSH. # ssh root@localhost # exit Allow/Deny Access in For Entire Network in RHEL 8 Where TCP Wrappers Is Not Supported: # vim sshd_config DenyUsers *@192.168.0.0/255.255.255.0 OR DenyUsers *@192.168.0.* # systemctl restart sshd Go to other machine and test the access, it will not allow you to login using SSH. # ssh root@192.168.0.164 Test access from same machine, it will allow you to login using SSH. # ssh root@localhost # exit ======================= Entries in both allow or deny: for tcp wrappers allow option will override deny entry. for sshd_config deny option will override allow entry.

Nice video

I learn lots from your video

Thank you sir. Your videos are awesome 👍

In Rhel 8 we can only allow/deny in the sshd_config file as he said tcpwrappers don't work then once the whole network is denied and we want to allow only a particular user to ssh out that network? As he said deny will override ,and in that case allow will not work for a paritcular user.Please reply.

Last me jo aapne btaya sshd config me work nhi krega toh iska hume hr ek ko mention krna pdega Right??

Good informatic vedio sirji . what is d name of kernel module supporting for tcp wrappers which isn't present in rhel8/centos8 but present in rhel7/centos7. modinfo modulename modprobe -l modulename cat /boot/config-3.x.y.z | grep -i modulename cat /boot/config-4.x.y.z | grep -i modulename. For kind info

Hi, how to access linux video's Which amount I will pay u for all linux videos