≡ Menu

Change SSH server listening IP addresses

The question – I want to make the SSH server (OpenSSH) to listen on multiple IP addresses. How do I do that?

The OpenSSH server listens on port 22 on one or more IP addresses. It provides secure shell functionality to login to a remote server using SSH. The OpenSSH server can listen on one or multiple IP addresses based on its configuration.

The OpenSSH config file is located at the following location:

/etc/ssh/sshd_config

The SSH configuration file contains a lot of options, but to check what IP addresses it listens to, use the following command:

root@server [/home/root]# grep -i listen /etc/ssh/sshd_config
#ListenAddress 0.0.0.0
#ListenAddress ::
root@server [/home/root]#

Since all ListenAddress lines are commented out, SSH by default will listen on all IP addresses of the machine.

You can verify this using the ss command:

root@server [~]# ss -plant | grep ssh
LISTEN     0      0                         *:22                       *:*      users:(("sshd",19314,3))
LISTEN     0      0                        :::22                      :::*      users:(("sshd",19314,4))
root@server [~]#

Now to force SSH to listen on only on a few IP addresses, add the following line to it:

ListenAddress 199.223.208.245

Add this line for each of the IP addresses you want the SSH server to listen to! This will stop SSH to listen on all IP addresses of a machine and listen only on IP addresses you specify.

Incoming search terms:

  • sshd ListenAddress (14)

{ 0 comments… add one }

Leave a Comment