/ipauth-api

IPAUTH-API helps you to control the SSH access to your server via API. Allow to whitelist your IP address to access your own server from any location.

Primary LanguagePythonGNU General Public License v2.0GPL-2.0

IPAUTH-API

IPAUTH-API is a tool to help in the SSH access control. Add the current requested IP in a 'whitelist' for access SSH port.

How it works:

  • Creates a sqlite data base with user details (username, key, skey, old IP and current IP)
  • Users must be in the local system
  • Uses iptables to control the firewall access for the SSH port
  • The owner running the ipauth_api.py must have access to iptables via sudo

Installation:

Create IPtables chain IPAUTH-API and redirect the SSH port to IPAUTH-API chain

# iptables -A IPAUTH-API -j reject
# iptables -A INPUT -p tcp -m tcp --dport SSH_PORT -j IPAUTH-API

Add owner file to sudo:

# visudo
// Add the following entry to your sudo file
username ALL= NOPASSWD: /sbin/iptables