Thread: ssh restrictions per interface?

i have server 2 active network interfaces. on one, need ssh open users (it's running ltsp, , learned hard way today, blocking ssh kills ldm access).

on other interface (which connects rest of network), want allow few administrative users connnect.

there way cleanly using sshd_config or pam? don't want hacky running dropbear.

since ssh system wide service, doesn't work way. can prevent individual users or prevent individual networks both changes affect way ssh , whole server listens , permits logins.

let's call ltsp user network interface nic1 , other "rest of network" interface nic2.

use iptables or firewall to:
1st - permit ssh nic1 network
2nd - permit ssh specific nic2 network ips or subnets
3rd - block ssh everywhere else
allow users specific ips on nic2 network (i.e. admin pcs) ssh on server still allow users on nic1 network have ssh access ltsp functionality.
of course limitation admin access not restricted specific users rather specific ips ssh allow access (hopefully static ips of admin workstations or ip range of admin users).

cheers!

Forum The Ubuntu Forum Community Ubuntu Specialised Support Ubuntu Servers, Cloud and Juju Server Platforms [SOLVED] ssh restrictions per interface?

Ubuntu