There are a number of ways of doing this depending on the configuration of your network:
- It is possible to use access control lists or rules on your networking devices to block incoming SSH access from all IP addresses except your own. For example, adding an iptables rule that restricts incoming SSH access to a single IP or subnet. An important consideration here though, is that if your IP address changes or you need to access the host from an address or network not specified in that ruleyou will not be able to connect. Make sure that you update the rule/ACL when IP addresses change and make sure you include all of the IP addresses from which you may require access.
- Secondly, you can use one of a number of tools like BlockSSHd or sshdfilter to dynamically block-in your firewall IP addresses that are the source of failed SSH logins.
Dig deeper on Linux security risks and threats
Related Q&A from James Turnbull
A user wants to implement OSSEC on a Windows server because he has no server side Linux operating system.continue reading
Solaris 10 Trusted Extensions and SELinux are best suited to different system requirements and administrator skill sets. Our security expert explains...continue reading
Configuring spam filters Spamassassin and dspam together in the email server Postfix is easy with the resources listed by our security expert.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.