Securing SSH to one Source

• In order to secure SSH using firewalld, the first thing we need to do is remove SSH as an allowed protocol from the default zone. This can be done using the command below.

• Once we have removed SSH from the default zone, we need to make a new zone and create our rich rule inside of it. In the first command, we are creating a new zone called trusted. In the second command, we are creating our rich rule inside of the new zone. Follow the format of the rule in this command and remember you can reject or accept in a rule, and add ports.

• Once you have added your rule allowing SSH through one source, you just need to reload the firewall.