Skip to content

dMopp/ssh-geoblock

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
README.md
README.md
 
 
sshCountryFilter.sh
sshCountryFilter.sh
 
 

Repository files navigation

ssh-geoblock

Based of https://www.axllent.org/docs/ssh-geoip/ i've created/modified a script to block all SSH Login Attempts not from a Whitelist OR whitelist Country. Tested on Debian. If there is no geoiplookup, cou can modify the script to whatveer lookuptool you have.

Installation:

  1. Download Script: wget https://raw.githubusercontent.com/dMopp/ssh-geoblock/main/sshCountryFilter.sh
  2. Modify Script. (Modify Whitelist, Separated by Space, Modify Country Whitelist)
  3. install geoip: apt install geoip-database geoip-bin
  4. Test script: sshCountryFilter.sh <addIPhere>
  5. ATTENTION: If you did something wrong, you need local/KVM access to the VM to repair
  6. Modify /etc/hosts.deny --> add sshd: ALL
  7. Modify /etc/hosts.allow --> add sshd: ALL: aclexec /path/to/sshCountryFilter.sh %a
  8. ATTENTION: Keep current SSH session open and TEST if you can connect!!
  9. If yes --> you can close the connection

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

4 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages