UFW: Securing SSH
UFW or Uncomplicated Firewall is a firewall package in Ubuntu. UFW can be used to secure SSH ports in Ubuntu server.
In order to secure OpenSSH, we must first disable UFW and allow all SSH rule.
sudo ufw disable sudo ufw delete allow ssh
Then we add IP Address to be allowed to connect to SSH port. In this case I assume that “192.168.1.10” would be allowed to be connected to the server. You can replace IP Address, with any IP Address that you prefer.
sudo ufw allow from 192.168.1.10 to any port ssh
You can also add other IP Address that can be connected to SSH port. In this case, I chose em>”172.25.100.1″.
sudo ufw allow from 172.25.100.1 to any port ssh
Alternatively, you could also specify port number and protocol
sudo ufw allow from 192.168.1.10 to any port 22 proto tcp
Only allow SSH connections from certain subnets
sudo ufw allow from 192.168.1.0/24 to any port 22 proto tcp
Note: Adding firewall rules to only allow SSH connection from certain subnets would increase the server security, further reducing brute-force attack.