how to drop " all " ssh connections in ubuntu?

Question

This is for specified source:

iptables -A INPUT -p tcp --dport ssh -s 10.10.10.10 -j DROP

how to do this for all incoming ssh requests?

So you want to prevent people from ssh-ing into your machine ? — Sergiy Kolodyazhnyy, Jun 09 '15 at 16:14

score 2 · Answer 1 · edited Apr 13 '17 at 12:24

2

There are 2 easy ways to stop someone from being able to ssh to a machine.

1st. with iptables leave off the -s option. That denotes the source. if you use sudo iptables -A INPUT -p tcp --dport ssh -j DROP that will block all connections to port 22.

2nd. as mentioned int he comments stop and disable the openssh-server. There are several ways to do that.

You can uninstall openssh-server,

rename the init.d/ssh.conf,

run update-rc.d ssh disable, or

use the method https://askubuntu.com/a/56849/295286

edited Apr 13 '17 at 12:24

Community

1

answered Jun 09 '15 at 16:49

grag42

226
1
6

thx first one was exactly what i needed – jack Jun 09 '15 at 16:55

score 0 · Answer 2 · answered Jun 09 '15 at 16:58

Provided ufw is install, you can type the following on the terminal:

sudo ufw enable
sudo sudo ufw deny ssh

To check if the firewall is active:

sudo ufw status

You can also block the port ssh is using:

sudo ufw deny 22/tcp

To delete the rule if you don't need it any more:

sudo ufw delete deny ssh

Reference Link

how to drop " all " ssh connections in ubuntu?

2 Answers2