This article explains how to use TCPWrappers to control which hosts can connect to a server using SSH. The two files we’ll be using are “/etc/hosts.allow” and “/etc/hosts.deny”. As the names imply, we’re controlling which “hosts” can access the server, not which users.
Find out more here: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/3/html/Reference_Guide/s1-tcpwrappers-access.html
Why not use IP Tables to do this? We get logging to “/var/log/secure” indicating there’s been an attempt.
TIP: When testing, use a server that you have console access to just incase you kick yourself off. Also note that only new connections are effected, existing sessions remain functional.
The first file to edit is the “/etc/hosts.allow”. Here we’re allowing SSH connectivity from “10.1.2.3”.
sshd: 10.1.2.3
Now we edit the “/etc/hosts.deny” file. Here we’re denying connectivity from everywhere.
sshd: All
The “/etc/hosts.allow” file is read first.
You don’t need to restart anything for this to take effect.