0

I want to block access from some external host to my ssh deamon. Is there something in the sshd_config file I can set?

Just if this matters: I'm on a Synology 1010+ with openssh installed from ipgk, if this matters.

BetaRide
  • 435
  • 2
  • 10
  • 20

1 Answers1

2

you can do this by adding the following to your sshd_config

DenyUsers username@host

for example when you want to ssh acces from the 80.25 ip-range for root:

DenyUsers root@80.25.*

From the manpages:

The allow/deny directives are processed in the following order: DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups.

timmeyh
  • 958
  • 1
  • 6
  • 25
  • Of course, the best thing to do is set up iptables rules, though I don't know if that is possible. It seems that `DenyUsers` also supports wildcards for the username, so `DenyUsers *@80.25.*` would be the way to block everyone from 80.25. – chutz May 27 '12 at 22:25