Edit /etc/hosts.allow
and enter IP/range you want to allow: sshd: 10.83.33.77/32, 10.63.152.9/32, 10.12.100.11/28, 10.82.192.0/28
Edit /etc/hosts.deny
and let's deny everything else: sshd: ALL
Restart the SSH service: sudo systemctl restart sshd.service
That's pretty much it.
/etc/ssh/sshd_config
has PubkeyAuthentication
set to yes
.~/.ssh/authorized_keys
..ssh
folder is 700, the authorized_keys
file is 600, and owned by the user.Note: if you're on a Linux box, you may be able to use the
ssh-copy-id
utility, which completes steps 4-7 for you!
sudo nano /etc/ssh/sshd_config
, find PasswordAuthentication no
line and change to yes
.sudo systemctl restart sshd
..ssh
directory in your home folder.~/.ssh/authorized_keys
.~/.ssh/authorized_keys
file.sudo nano /etc/ssh/sshd_config
, find PasswordAuthentication yes
line and change to no
, then run sudo systemctl restart sshd
one last time.Conversions
menu and select Export OpenSSH key (force new file format)
. Otherwise you will get the error Invalid key format
.Edit (or create) .ssh/config
: identityfile <filepath>