How to block SSH access for client host

This tutorial explains how to block SSH access for client hosts to secure the server. SSH is a network protocol that provides a secured connection to network services over a network in a client-server architecture.

Steps to block SSH access

To block SSH access for a client host, open the hosts.deny file, add the IP address of the host to block, and save the file.

[root@linuxhelp1 ~]# vim /etc/hosts.deny
sshd:192.168.7.232

After saving the file, restart and enable the SSH service by entering the following commands.

[root@linuxhelp1 ~]# systemctl restart sshd.service
[root@linuxhelp1 ~]# systemctl enable sshd.service

The SSH service is now restarted and enabled. Next, add the SSH service to the firewall.

[root@linuxhelp1 ~]# firewall-cmd --permanent --add-service=ssh
Success

Run the following command to reload the firewall.

[root@linuxhelp1 ~]# firewall-cmd --reload
Success

The firewall is successfully enabled. Now try to log in over SSH from the client machine using the IP address.

[root@linuxhelp2 ~]# ssh root@192.168.7.232
ssh_exchange_identification: read: Connection reset by peer

The connection is reset, so the IP address is blocked. Now block every IP address in a specific network.

[root@linuxhelp1 ~]# vim /etc/hosts.deny
sshd:192.168.7.

Restart the ssh service.

[root@linuxhelp1 ~]# systemctl restart sshd.service

From a different client host with an IP address in the blocked network, try to connect over SSH.

[root@localhost ~]# ssh root@192.168.7.232
ssh_exchange_identification: Connection closed by remote host

To block SSH access for several networks or client hosts, list them separated by commas.

[root@linuxhelp1 ~]# vim /etc/hosts.deny
sshd:192.168.7.,192.168.5.

Run the command to restart the service.

[root@linuxhelp1 ~]# systemctl restart sshd.service

To check that SSH is blocked from a different account, enter the command.

[root@linuxhelp1 ~]# ssh root@192.168.7.232
ssh_exchange_identification: Connection closed by remote host
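
The prefix and list patterns used above can be checked against a candidate client address before relying on them. The script below is an added example, not part of the original tutorial; the function name sshd_denied and the sample rules file are assumptions. It models only exact IPv4 addresses, prefixes ending in "." and ALL. hosts.allow, which is consulted before hosts.deny, is not modelled.

```shell
#!/bin/sh
# Added example (not from the original tutorial). Simplified model of how the
# "sshd:" rules shown above match a client address. Only the pattern forms used
# on this page are handled: exact IPv4 addresses, prefixes ending in ".", and ALL.
# Not modelled: hosts.allow (consulted first), netmasks, hostnames, EXCEPT.

# sshd_denied FILE IP: prints the matching pattern and returns 0 if IP would be
# refused by FILE, returns 1 otherwise. Runs in a subshell so set -f stays local.
sshd_denied() (
    file=$1 ip=$2
    set -f                                   # no filename globbing on patterns
    while IFS= read -r line || [ -n "$line" ]; do
        line=${line%%#*}                     # strip comments
        daemons=${line%%:*}
        [ "$daemons" = "$line" ] && continue # no colon, not a rule
        clients=${line#*:}
        clients=${clients%%:*}               # drop optional command field
        case ",$(printf '%s' "$daemons" | tr -d ' \t')," in
            *,sshd,*|*,ALL,*) ;;
            *) continue ;;
        esac
        for pat in $(printf '%s' "$clients" | tr ',' ' '); do
            case $pat in
                ALL) echo "$pat"; exit 0 ;;
                *.)  case $ip in "$pat"*) echo "$pat"; exit 0 ;; esac ;;
                *)   [ "$ip" = "$pat" ] && { echo "$pat"; exit 0; } ;;
            esac
        done
    done < "$file"
    exit 1
)

# Constructed sample: the multi-network rule from this page plus one exact host.
sample=$(mktemp)
printf '%s\n' '# constructed sample' 'sshd:192.168.7.,192.168.5.' 'sshd: 10.0.0.9' > "$sample"

for ip in 192.168.7.254 192.168.5.182 192.168.70.1 10.0.0.9 10.0.0.90; do
    if pat=$(sshd_denied "$sample" "$ip"); then
        echo "$ip: refused (matches $pat)"
    else
        echo "$ip: allowed by hosts.deny"
    fi
done
```

The trailing dot matters: 192.168.7. covers 192.168.7.254 but not 192.168.70.1, and an exact entry such as 10.0.0.9 does not cover 10.0.0.90.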

To check the SSH log on the server, enter the following command and press "Enter". It shows the list of blocked SSH connection attempts.

[root@linuxhelp1 ~]# tail -f /var/log/secure
Feb  9 18:07:12 linuxhelp1 sshd[11492]: refused connect from 192.168.7.254 (192.168.7.254)
Feb  9 18:07:23 linuxhelp1 sshd[11499]: refused connect from 192.168.5.182 (192.168.5.182)
Feb  9 18:07:34 linuxhelp1 sshd[11500]: refused connect from 192.168.7.150 (192.168.7.150)
FAQ
Q
What is sftp in SSH to access the file?
A
sftp - file transfer client with FTP-like command interface in Superuser
Q
How to create the public key pair for authentication?
A
ssh-keygen - creates a key pair for public key authentication in SSH.
Q
Provide some commands to check who accessed via ssh?
A
The following can be used to check SSH access:
"w -I", aureport, or "/var/log/secure"
Q
What is the syntax for adding an ssh service deny rule in hosts.deny?
A
The following syntax is used to add the ssh service:
sshd:list of IP addresses separated by commas