Two steps to securing your server

Posted on January 2nd, 2008 in system admin by Russ

Here are two steps to using ssh to secure your server.

First, I assume you use ssh to connect to the server and authenticate with a public/private key pair. In your .ssh/authorized_keys file, in front of the public key entry for the key you use, put from="(address)" (with plain double quotes), so your line looks like this:

from="209.31.6?.*,192.168.?.*" ssh-rsa (redacted)

What this’ll do is restrict the use of your key to connections coming from your IP address (as you can see from the example, you can use wildcards).

Additionally, if you have a portable drive, like a USB keyfob, you can create a secondary key (with a passphrase) and add that as well: put the private key file (not the .pub one) on the drive, and add the matching public key to the authorized_keys file.

If you’re using Linux’s ssh to connect, use the -i switch to specify the identity file (the alternate key file) like this:

ssh -i id_alternate user@server

It’ll prompt you for the passphrase.
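
An added example (not from the original post): a small Python audit of an authorized_keys file that reports, for each key, whether it carries a from= restriction and whether a given client address would match it. It implements only the * and ? wildcards and ! negation of OpenSSH's pattern lists; the sample file, key material and function names are constructed for illustration.

```python
import re

KEY_TYPES = ("ssh-", "ecdsa-", "sk-")  # prefixes of OpenSSH key type names
SAMPLE = '''\
# constructed sample: placeholder key material, pattern taken from the post
from="209.31.6?.*,192.168.?.*" ssh-rsa AAAAPLACEHOLDER1 user@desktop
ssh-rsa AAAAPLACEHOLDER2 user@usb-drive
'''

def options_field(line):
    """Return the options that precede the key type, or "" if there are none."""
    line = line.strip()
    if line.startswith(KEY_TYPES):
        return ""
    in_quotes = False
    for i, ch in enumerate(line):
        if ch == '"' and (i == 0 or line[i - 1] != "\\"):
            in_quotes = not in_quotes
        elif ch in " \t" and not in_quotes:
            return line[:i]  # options end at the first unquoted whitespace
    return line

def from_patterns(options):
    """Return the from= pattern list, or None when the key has no from= option."""
    m = re.search(r'(?:^|,)from="([^"]*)"', options)
    return m.group(1).split(",") if m else None

def pattern_matches(pattern, address):
    """* matches any run of characters, ? exactly one. CIDR forms are not handled."""
    regex = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c)
                    for c in pattern)
    return re.fullmatch(regex, address) is not None

def address_allowed(patterns, address):
    """A negated (!) match rejects outright; otherwise one positive match is needed."""
    if any(p.startswith("!") and pattern_matches(p[1:], address) for p in patterns):
        return False
    return any(pattern_matches(p, address) for p in patterns if not p.startswith("!"))

def audit(text, address):
    """Return (line number, verdict) for every key entry in the file text."""
    results = []
    for n, line in enumerate(text.splitlines(), 1):
        if line.strip() and not line.lstrip().startswith("#"):
            pats = from_patterns(options_field(line))
            verdict = ("unrestricted" if pats is None else
                       "allowed" if address_allowed(pats, address) else "denied")
            results.append((n, verdict))
    return results
```

Because ? matches exactly one character, the pattern 192.168.?.* from the post covers 192.168.1.5 but not 192.168.10.5, and a key added without from= shows up as "unrestricted".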
