How to block ssh access

The SSH service can be filtered using TCP Wrapper (hosts.deny).

TCP Wrapper is an xinetd-based service that resides under /etc/xinetd.d. The xinetd service is a replacement for inetd, which was used in older versions of Linux.

TCP Wrapper is used for security and hardening by applying filters.

The following two Linux machines are used in this guide:

192.168.0.161 (mail): the machine where the filter (hosts.deny) is applied
192.168.1.44 (experts): the source machine that connects to 192.168.0.161

To verify whether the service supports TCP Wrapper:

# whereis sshd
sshd: /usr/sbin/sshd /usr/share/man/man8/sshd.8.gz
[root@experts ~]# ldd /usr/sbin/sshd | grep libwrap.so
libwrap.so.0 => /lib/libwrap.so.0 (0x00991000)

1. Log in to 192.168.0.161 over SSH as the root user.

1.1

Install the xinetd RPM package from the repository using the yum command-line utility.

# yum install xinetd

Start the xinetd service and enable it at the default boot level.

1.2

# service xinetd start

1.3

# chkconfig xinetd on

The hosts.allow and hosts.deny configuration files are used for controlling service access; hosts.allow always overrides hosts.deny.

The default location for the hosts.allow and hosts.deny configuration files is /etc/.

Deny the SSH service from 192.168.1.44 to 192.168.0.161 using the steps below.

2. vi /etc/hosts.deny 

sshd: 192.168.1.44

Save and Exit.

Ex: the client list can be a single IP, a range of IPs, an entire subnet, or all clients (sshd: 192.168.1.44 192.168.0.0/255.255.255.0, or ALL, which matches all clients, whether given by IP address, host or domain name).

Run the command below to apply the changes made in hosts.deny.

# service xinetd restart

3. Verify by trying to log in from 192.168.1.44 to 192.168.0.161.

[root@experts ~]# ssh 192.168.0.161

Output:

ssh_exchange_identification: Connection closed by remote host
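
The precedence of hosts.allow over hosts.deny and the client-list forms described above can be modelled offline. The following Python is an added example, not part of the original guide or of TCP Wrapper itself; the function names are illustrative, the sample rules are constructed from the addresses in this guide, and only ALL, single IPs and net/mask patterns are handled.

```python
# Added example: simplified model of the hosts.allow / hosts.deny decision order.
# Assumption: only ALL, single IPs and net/mask client patterns are modelled;
# hostnames, EXCEPT and the other hosts_access(5) wildcards are out of scope.
import ipaddress

def parse_rules(text):
    """Parse 'daemon_list : client_list' lines into (daemons, clients) pairs."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or ":" not in line:
            continue
        daemons, clients = line.split(":", 2)[:2]
        rules.append((daemons.replace(",", " ").split(),
                      clients.replace(",", " ").split()))
    return rules

def client_matches(pattern, ip):
    if pattern.upper() == "ALL":
        return True
    if "/" in pattern:  # net/mask form, e.g. 192.168.0.0/255.255.255.0
        net = ipaddress.ip_network(pattern, strict=False)
        return ipaddress.ip_address(ip) in net
    return pattern == ip  # single address

def any_rule_matches(rules, daemon, ip):
    for daemons, clients in rules:
        daemon_ok = any(d.upper() == "ALL" or d == daemon for d in daemons)
        if daemon_ok and any(client_matches(c, ip) for c in clients):
            return True
    return False

def access(allow_text, deny_text, daemon, ip):
    """hosts.allow is consulted first; hosts.deny only if nothing there matched."""
    if any_rule_matches(parse_rules(allow_text), daemon, ip):
        return "granted (hosts.allow)"
    if any_rule_matches(parse_rules(deny_text), daemon, ip):
        return "denied (hosts.deny)"
    return "granted (no match)"

# Constructed sample inputs based on the addresses used in this guide.
DENY = "sshd: 192.168.1.44\n"
ALLOW_SUBNET = "sshd: 192.168.1.0/255.255.255.0\n"

if __name__ == "__main__":
    print(access("", DENY, "sshd", "192.168.1.44"))            # deny rule applies
    print(access(ALLOW_SUBNET, DENY, "sshd", "192.168.1.44"))  # allow entry wins
```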
Copyright ©Solutions@Experts.com