[dfads params=’groups=-1′]
Here is how to restrict SSH access to certain IP addresses on and off your home LAN.
Edit the /etc/hosts.allow file to include these lines, assuming your home LAN is on the 192.168.4.x nonrouting IP block, and your work address is on the routing 1.1.1.x
IP block: Remember to add the period on the end of each incomplete IP number.
If you have another complete IP address or range, add a space and that range on the end.
# allow ssh login from home LAN and work LAN
sshd,sshdfwd-X11: 192.168.4. 1.1.1.x.
Edit your /etc/hosts.deny file to include this line:
sshd,sshdfwd-X11:ALL
These lines refuse SSH connections from anyone not in the IP address blocks listed.
Log out and then try logging back in to test your configuration. Good luck!
[dfads params=’groups=-1′]