SYSTEM INFORMATION|
OS type and version Ubuntu Linux 22.04.5
Webmin version 2.610
Virtualmin version 7.50.2 GPL
Hello, is there a way I can allow SSH access only from a specific IP address on the WAN side? Any suggestions on how to create a rule using FirewallD? …
Thanks in advance
I usually recommend requiring key-based authentication, and disallowing passwords, as the primary means of making ssh more secure.
But, yes, you can create a firewall rule to restrict access to a specific IP or range or IPs. Just be careful about locking yourself out.
I think for doing it in firewalld, you’d generally create a zone for your home IP (or just update the home or internal or trusted zone, if such already exists) with your IP in the Allow IP/CIDR field, and make sure ssh is in that zone. Then you’d remove ssh service from the public zone. I believe blocking is the default absent a rule that allows, so just making sure there are no zones that allow access to ssh to the world should make the one allow rule in your home zone or similar the only one that applies.
You can do it on the command line with the firewall-cmd command, as well.
Thanks Joe,
I’m not very good with Linux and I was hoping to find an easy guide via Webmin. I think I understood what you suggested and I’ll try to do some tests, trying to avoid getting locked out of the house 
