Help Center/ Host Security Service/ FAQs/ Security Configurations/ How Do I Clear the SSH Login IP Address Whitelist Configured in HSS?
Updated on 2024-09-23 GMT+08:00

How Do I Clear the SSH Login IP Address Whitelist Configured in HSS?

The methods to clear the whitelist vary according to your HSS quota states.

Normal/Expired

Normal and expired quotas can be used. To delete the SSH login IP address, disable or delete it on the management console.

  1. Log in to the management console.
  2. In the upper left corner of the page, select a region, click , and choose Security and Compliance > HSS. The HSS page is displayed.
  3. Choose Installation & Configuration > Server Install & Config, click Security Configuration, and click SSH IP Whitelist.
  4. Locate the row that contains the target whitelisted IP address and click Disable or Delete in the Operation column.

Frozen or Deleted After the Freeze Period Expires

If the quota status is Frozen or the quota is deleted after the freeze period expired, HSS will no longer protect your servers. You cannot clear the SSH login IP address whitelist through the management console.

Perform the following steps to clear the configured SSH login IP address whitelist:

  1. Log in to the server whose SSH login IP address whitelist needs to be cleared.
  2. Run the following command to view the /etc/sshd.deny.hostguard file, as shown in Figure 1.

    cat /etc/sshd.deny.hostguard

    Figure 1 Viewing file content

  3. Run the following command to open the /etc/sshd.deny.hostguard file:

    vim /etc/sshd.deny.hostguard

  4. Press i to enter the editing mode and delete ALL.
  5. Press Esc to exit the editing mode, and then run the :wq command to save the modification and exit.