How to filter SSH connections with hosts.allow on Rocky Linux / CentOS 8

The TCP Wrappers suite of programs is no longer included in RHEL 8, meaning the hosts.allow/deny files no longer exist nor work. This makes quick filtering SSH connections per IP address a bit more difficult as it requires configuring the firewall.

Luckily, the tcp_wrappers package is still available in the EPEL repository even for versions 8 so the previous functionality can be restored, albeit with some additional steps.

How to pre-configure Raspberry PI for remote SSH and Wifi

Many Raspberry PI projects are used headless (with no display device attached or if a display device exists, it’s not connected to the default HDMI or analog outputs).
In these instances it’s time consuming to connect the PI to a monitor and keyboard just to configure remote SSH access and wireless connection details (and in rare occasions it may even not be possible).

Luckily, the good folk developing Raspbian implemented shortcuts and workarounds that allow things to be pre-configured even before booting the PI.

Keeping SSH connections alive

By default SSHd will terminate an ongoing connection if there was no traffic (incoming or outgoing) for a while.

If you usually leave remote sessions running for long amounts of time and hate the unexpected disconnects, this can be changed by enabling the keep-alive feature on the server directly so it applies to all remote sessions regardless of client used.

Prevent SSH from disconnecting idle sessions

If you leave PuTTY connected for long periods of time on tail -f /some/log/file you may have noticed the SSH server disconnects you after a while if there is no new input on that log file.

You could configure PuTTY to enable connection keepalive functionality, but you’d need to either do that for every session or every saved server in the list. The easier way is to enable this functionality on the servers themselves…