Allow SSH only a particular user and IP
In this article I will explain you a SSH security tips, which will allow only a particular user or IP to access the server.
Using "AllowUsers" parameters
In the SSH configuration file /etc/ssh/sshd_config ( location of SSH configuration file in centos ), search for the parameter "AllowUsers".
This will allow only allow user root to access the server and prevent the brute force attack on the server, as any user.
You can allow a particular IP using the following setting:
Now, this will allow only root to SSH into the server from the IP address 184.108.40.206
Now,lets see how to allow multiple users using this setting:
AllowUsers email@example.com firstname.lastname@example.org shawn
The above setting will allow root and manoj to SSH from the IP address 220.127.116.11 and 18.104.22.168 respectively. The user "shawn" can SSH into the server from any IP address.
After, setting this you must restart ssh service using the following command:
Using the parameter "AllowGroups"
There is also the AllowGroups function. For instance you can set AllowGroups Wheel which will allow only root and any one added into the wheel group for su