最近学到了 Linux 可以通过 /etc/hosts.allow 和 /etc/hosts.deny 对远程访问进行控制。
How to allow an IP address for SSH connection?
- Step 1 : SSH to server as root user.
- Step 2 : Open
/etc/hosts.allowfile using your favorite text editor.
To allow one IP address to server:
1 | sshd : IP-Address |
To allow more than one IP addresses:
1 | sshd : IP-Address1, IP-Address2, IP-Address3 |
To allow IP ranges:
1 | sshd : 33.*.*.* |
To allow all IP addresses for SSH:
1 | sshd : ALL |
Or
1 | ALL : ALL |
We can also control the same from /etc/hosts.deny file by adding the keyword “ALLOW.” See the example pasted below:
Example:
1 | # vim /etc/hosts.deny |
