IP restriction for repo via SSH


Help, please, is there any way to make a restriction on the IP for repository through SSH?

you can block connections except for allowed set of IP addresses to SSH port using firewall (ex. iptables)

1 Like

Yes, it’s if need block totally. But how can do if need for repo1 provide access only from IP and for repo2 from for example? And can’t use SSH for repo2, and can’t got repo2

If you do not use the builtin SSH server but the one of the hosting system you can define a list of allowed source IPs per username. You could even go so far as to not use the authorized_keys tool but have the list exported regularly by gitea and then munch that through some script to also add limitations per repository. But honestly that is a lot of work and I am not sure it would be worth the while.



1 Like

Yes, i’m use builtin SSH server on own Ubuntu server. And can’t find way how make this kind of restriction :frowning:

Dima, I would suggest to move to the external, OS provided SSH service. IMHO it is more trustworthy and quite more flexible conserning the configurations.

1 Like

Thank you, i will try it.