Accepting SSH connections only from localhost

I just installed SSH and I would like to set it up to only accept connections from localhost. I plan to point a .onion address to it so that I may connect to it from anywhere on any network.


Solution 1:

In the /etc/ssh/sshd_config file there are these fields:

# Use these options to restrict which interfaces/protocols sshd will bind to
#ListenAddress ::
#ListenAddress 0.0.0.0

Change #ListenAddress 0.0.0.0 to ListenAddress 127.0.0.1, taking note to remove the leading #.

Then run sudo reload ssh and you will be able to connect only from localhost.
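A way to check the ListenAddress edit from Solution 1, added here as an example and not part of the original answer. The function name `loopback_only` is hypothetical, treating the name `localhost` as loopback is an assumption about /etc/hosts, and the check expects the whitespace-separated `ListenAddress value` form without following Include files.

```shell
#!/bin/sh
# Added example: audit ListenAddress directives in sshd_config-style text.
# Usage: loopback_only FILE   (reads stdin when FILE is omitted)
# Returns 0 only if at least one ListenAddress is set and all are loopback.
loopback_only() {
    awk '
        # Keywords are case-insensitive; commented-out lines never match
        # because their first field starts with "#".
        tolower($1) == "listenaddress" {
            addr = $2
            if (addr ~ /^\[/) {
                # [address]:port form, used for IPv6 with a port
                sub(/^\[/, "", addr)
                sub(/\](:[0-9]+)?$/, "", addr)
            } else if (addr ~ /^[^:]+:[0-9]+$/) {
                # host:port or IPv4:port form
                sub(/:[0-9]+$/, "", addr)
            }
            seen++
            if (addr ~ /^127\.[0-9]+\.[0-9]+\.[0-9]+$/) next
            if (addr == "::1") next
            if (tolower(addr) == "localhost") next   # assumption, see lead-in
            printf "non-loopback ListenAddress: %s\n", addr
            bad++
        }
        END {
            if (!seen) {
                # Without any ListenAddress, sshd listens on all local addresses.
                print "no ListenAddress set: sshd binds all addresses"
                exit 1
            }
            exit (bad ? 1 : 0)
        }
    ' "${1:--}"
}

# Constructed sample input: the edited line from Solution 1 plus a leftover
# wildcard entry that would still expose sshd on every interface.
printf '%s\n' \
    '#ListenAddress ::' \
    'ListenAddress 127.0.0.1' \
    'ListenAddress 0.0.0.0' |
    loopback_only || echo "result: NOT restricted to localhost"
```

On a live host, `sudo sshd -T | loopback_only` runs the same check against the effective configuration that sshd prints in test mode.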

Solution 2:

Another solution:

Add the following line to the file /etc/hosts.deny:

sshd: ALL

Add the following line to the file /etc/hosts.allow:

sshd: localhost

Solution 3:

Plus you should read about iptables.

You can block connections to your host on port 22 via iptables:

# iptables -I INPUT -i eth0 -p tcp --dport 22 -s 0.0.0.0/0 -j DROP
# iptables -I INPUT -i lo -p tcp --dport 22 -j ACCEPT

And read about TransparentProxy.

Anyway, the solution with /etc/ssh/sshd_config is better.