How to allow root login from one IP address with ssh public keys only

Here’s how you can allow root login from one IP address using SSH public keys in a Linux environment:

  1. Make sure the target machine has an SSH server installed, such as OpenSSH.
  2. On the target machine, open the SSH configuration file, typically located at /etc/ssh/sshd_config.
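  3. Find the line that starts with PermitRootLogin and set it to no, so that root login is refused from every address except the one the Match block added below re-enables it for:
      PermitRootLogin no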
  4. Find the line that starts with PasswordAuthentication and set it to no:
      PasswordAuthentication no
  5. Add the following lines at the end of the file to specify the IP address that should be allowed to log in as root using a public key:
      Match Address <ip_address>
          PermitRootLogin yes
          PasswordAuthentication no
          PubkeyAuthentication yes
  6. Replace <ip_address> with the desired IP address.
  7. Save the changes to the file and close it.
  8. Restart the SSH server to apply the changes:
      systemctl restart ssh
  9. On the client machine, generate a public-private key pair using the following command:
      ssh-keygen -t rsa
  10. Copy the public key to the target machine:
      ssh-copy-id root@<target_machine_ip_address>
  11. From now on, you should be able to log in as root from the specified IP address using the public key.
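
The Match-block scoping that the steps above rely on, as an added example that is not part of the original page: a small shell model of how sshd resolves PermitRootLogin for a client address, run over two constructed configs that differ only in the global value. The function names, file names and the addresses 203.0.113.10 and 198.51.100.7 are assumptions chosen for the illustration.

```shell
# Simplified model of how sshd picks PermitRootLogin for one client address.
# Assumption: only "Match all" and "Match Address" with literal comma-separated
# IPs are handled. On a real host, ask sshd: sshd -T -C user=root,addr=<ip>
effective_root_login() {    # usage: effective_root_login CONFIG_FILE CLIENT_ADDR
    awk -v addr="$2" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }     # skip comments and blank lines
        { key = tolower($1) }
        key == "match" {
            in_match = 1; active = 0
            if (tolower($2) == "all") active = 1
            else if (tolower($2) == "address") {
                n = split($3, pats, ",")
                for (i = 1; i <= n; i++) if (pats[i] == addr) active = 1
            }
            next
        }
        key == "permitrootlogin" {
            # sshd keeps the first value it obtains in each scope
            if (!in_match && g == "") g = tolower($2)
            if (in_match && active && m == "") m = tolower($2)
        }
        END {
            # a matching Match block overrides the global value; default otherwise
            if (m != "") print m
            else if (g != "") print g
            else print "prohibit-password"
        }' "$1"
}

# Constructed sample config; 203.0.113.10 is a documentation address.
make_config() {             # usage: make_config GLOBAL_VALUE FILE
    cat > "$2" <<EOF
PermitRootLogin $1
PasswordAuthentication no
Match Address 203.0.113.10
PermitRootLogin yes
PasswordAuthentication no
PubkeyAuthentication yes
EOF
}
tmp=$(mktemp -d)
make_config yes "$tmp/open"     # global yes
make_config no  "$tmp/pinned"   # global no, root only via the Match block
for cfg in open pinned; do
    for ip in 203.0.113.10 198.51.100.7; do
        printf '%-6s %-13s -> %s\n' "$cfg" "$ip" "$(effective_root_login "$tmp/$cfg" "$ip")"
    done
done
rm -rf "$tmp"
```

With the global value set to yes, root is accepted from every address and the Match block changes nothing; with no, only the matched address resolves to yes.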
