From 99c38cd4c795d1603984be67c36e68ecffb9ac5f Mon Sep 17 00:00:00 2001
From: Philippe Favre <lapatatedouce@noreply.git.favrep.ch>
Date: Tue, 8 Apr 2025 05:54:57 +0200
Subject: [PATCH] Actualiser miscellaneous/secure_ssh.sh

---
 miscellaneous/secure_ssh.sh | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/miscellaneous/secure_ssh.sh b/miscellaneous/secure_ssh.sh
index 77a15a4..bfb913c 100644
--- a/miscellaneous/secure_ssh.sh
+++ b/miscellaneous/secure_ssh.sh
@@ -170,6 +170,8 @@ EOL
         echo "# IP address access restriction" >> "$SSHD_CONFIG"
         echo "Match Address $(echo "$ALLOWED_IPS" | tr ' ' ',')" >> "$SSHD_CONFIG"
         echo "    AllowUsers *" >> "$SSHD_CONFIG"
+        echo "Match Address *,!$(echo "$ALLOWED_IPS" | tr ' ' ',')" >> "$SSHD_CONFIG"
+        echo "    DenyUsers *" >> "$SSHD_CONFIG"
     fi
 }
 
@@ -193,9 +195,9 @@ main() {
     # Warning message before proceeding with the script.
     echo "Warning: Before running this script, make sure you have created a user and an SSH key in the authorized_keys file."
     echo "The root user will not be able to connect."
-    
+
     read -p "Do you want to continue? (yes/no): " CONTINUE
-    
+
     if [[ ! "$CONTINUE" =~ ^([yY]es|[oO]ui)$ ]]; then
         echo "Exiting script."
         exit 0
@@ -240,4 +242,4 @@ main() {
 }
 
 # Execute the main process
-main
\ No newline at end of file
+main