Only allow ssh connections to a specific domain

ssh security

Solution 1:

Since SSH doesn't know something like the Host header in HTTP/1.1, you cannot deny a specific user to login to your server. The SSH daemon can't know which domain originally resolved to the IP address it is listening on.

You could only get another IP address, set it as A resource record for subdomain.example.com and allow the user only to login on that specific IP address.

Solution 2:

I believe you can use the hosts.allow and hosts.deny files to limit access to sshd.

Add the following line to /etc/hosts.deny:

sshd: ALL

And add the following to /etc/hosts.allow:

sshd: xxx.domain1.com

Additionally, you can use denyhosts to further protect sshd from unwanted access.

Related

Clearer understanding for glusterfs for replication
Has windows XP support multiple remote login session (RDP) at a time?
Buy vs rent for servers and other hardware
Using a package manager vs compiling from source for latest updates
Is there a way to set up an Exchange mailbox to collect email "anonymously"?
Qmail Patching Makes me Nervous
What is the maximum memory a process (MySQL) can consume on a 32-bit OS?
Reset postgresql
catch forEach last iteration
creating list of objects in Javascript
Is there a timeout for idle PostgreSQL connections?
Replace special characters in a string with _ (underscore)