How to disallow ssh jumps I'm looking for a method to disallow users to use a particular Debian 10.10 host as an SSH jump host. I want to stop them from connecting with SSH from this host. * In `/etc/ssh/sshd

How to disallow ssh jumps I'm looking for a method to disallow users to use a particular Debian 10.10 host as an SSH jump host. I want to stop them from connecting with SSH from this host. * In `/etc/ssh/sshd_config` I have `AllowTcpForwarding no`. * In `/etc/ssh/ssh_config` I have `FollowAgent no`. But when I connect, I can connect to another host. How to deny/lock/block a new SSH connection from the first SSH connection? HOST A --{SSH}--> Other_Host_N --{NO SSH}--X--> hyp_vmware

Thank's all responses, analyses and others.

I start to rename "other_host" schema by "Hyp_vmware" because he is the "other_host".

Today I setted a rule in the ESXi firewall with deny all connection by ssh and allowed the desired IP. Because the ESXi 7.0 dont have "TCP wrappers" (In linux yes).

I get the "ilkkachu" answer reference and adapt in ESXi CLI.

Please note the ESXi command is different of "ilkkachu" answer. You can filter ip with this command:

esxcli network firewall ruleset set --ruleset-id=sshServer --enabled=true
esxcli network firewall ruleset allowedip add -i @IP -r sshServer
esxcli network firewall refresh

Cordially