Securing SSH port and limiting IP address connection with Firewall in Ubuntu

UFW: Securing SSH
UFW or Uncomplicated Firewall is a firewall package in Ubuntu. UFW can be used to secure SSH ports in Ubuntu server.

In order to secure OpenSSH, we must first disable UFW and allow all SSH rule.

sudo ufw disable
sudo ufw delete allow ssh

Then we add IP Address to be allowed to connect to SSH port. In this case I assume that “192.168.1.10” would be allowed to be connected to the server. You can replace IP Address, with any IP Address that you prefer.

sudo ufw allow from 192.168.1.10 to any port ssh

You can also add other IP Address that can be connected to SSH port. In this case, I chose em>”172.25.100.1″.

sudo ufw allow from 172.25.100.1 to any port ssh

Alternatively, you could also specify port number and protocol

sudo ufw allow from 192.168.1.10 to any port 22 proto tcp

Only allow SSH connections from certain subnets

sudo ufw allow from 192.168.1.0/24 to any port 22 proto tcp

Note: Adding firewall rules to only allow SSH connection from certain subnets would increase the server security, further reducing brute-force attack.

Further Reading: Ubuntu Server Administrator Reference

One Reply to “Securing SSH port and limiting IP address connection with Firewall in Ubuntu”

Comments are closed.