<![CDATA[Restrict SSH access to specific IP addresses]]>Hi there!

I want to make SSH accessible only from certain IP addresses. Normally I would just set up an iptables rule to do this. However, the cloudron documentation suggests not to add your own iptables rules. What is the best way to implement this restriction without having a dedicated firewall in front of the cloudron machine?

Thank you!

]]>https://forum.cloudron.io/topic/11228/restrict-ssh-access-to-specific-ip-addressesRSS for NodeSat, 13 Jun 2026 15:33:35 GMTMon, 04 Mar 2024 03:49:55 GMT60<![CDATA[Reply to Restrict SSH access to specific IP addresses on Mon, 04 Mar 2024 10:18:29 GMT]]>Interesting. So, from @necrevistonnezr's like the hosts.allow/hosts.deny may not work in the future. "Note: this might not be an option on modern distributions, as support for tcpwrappers was removed from OpenSSH 6.7"

]]>https://forum.cloudron.io/post/84371https://forum.cloudron.io/post/84371Mon, 04 Mar 2024 10:18:29 GMT<![CDATA[Reply to Restrict SSH access to specific IP addresses on Mon, 04 Mar 2024 09:42:34 GMT]]>I have modified the Match Address parameter in the SSH daemon configuration pursuant to this: https://unix.stackexchange.com/questions/406245/limit-ssh-access-to-specific-clients-by-ip-address

]]>https://forum.cloudron.io/post/84368https://forum.cloudron.io/post/84368Mon, 04 Mar 2024 09:42:34 GMT<![CDATA[Reply to Restrict SSH access to specific IP addresses on Mon, 04 Mar 2024 09:19:40 GMT]]>Thanks for the feedback, but there is no firewall available in front of this machine (as it would be available when using some cloud providers like Hetzner). I am aware of the Cloudron firewall documentation, but it only provides information on blocking specific IPs. However, I only want to allow a specific IP for SSH.

After some research, is it okay to use hosts.allow and hosts.deny in conjunction with Cloudron?

]]>https://forum.cloudron.io/post/84366https://forum.cloudron.io/post/84366Mon, 04 Mar 2024 09:19:40 GMT<![CDATA[Reply to Restrict SSH access to specific IP addresses on Mon, 04 Mar 2024 08:16:15 GMT]]>@hcj-online If you use Hetzner VPS, you can youse their firewall. Is very easy to configure.

]]>https://forum.cloudron.io/post/84358https://forum.cloudron.io/post/84358Mon, 04 Mar 2024 08:16:15 GMT<![CDATA[Reply to Restrict SSH access to specific IP addresses on Mon, 04 Mar 2024 04:31:25 GMT]]>Where are you hosting? As far as I know Cloudron manages it's own firewall so making rules make break something but the docs do have something that may or may not help: https://docs.cloudron.io/networking/#firewall

]]>https://forum.cloudron.io/post/84355https://forum.cloudron.io/post/84355Mon, 04 Mar 2024 04:31:25 GMT