Force OpenSSH (sshd) to listen on selected multiple IP address only

Open SSH Logo

So how do you force sshd to listen on multiple IP addresses? Let us say you have total 8 public IP address and one private IP address. You would like to bind sshd to one selected public IP (ex 70.5.xx.xx) and private IP (10.1.5.1) only.

ADVERTISEMENTS

Luckily there is an easy way to achieve this using ListenAddress option. It specifies the local addresses sshd should listen on. If this directive is skipped from configuration file sshd will bind or list on all available IP address.

Open sshd_config:
# vi /etc/ssh/sshd_config

Specify multiple ip address on each new line with ListenAddress (multiple ListenAddress options are permitted):
ListenAddress 70.5.1.1
ListenAddress 10.1.5.1

Save and close the file.

Restart the sshd:
# /etc/init.d/sshd restart

Verify that sshd is only listing to specified IP address:
# netstat -tulpn | grep :22Output:

tcp        0      0 70.5.1.1:22              0.0.0.0:*                   LISTEN      26472/sshd
tcp        0      0 10.1.5.1:22              0.0.0.0:*                   LISTEN      26472/sshd

This is good if public SSHD IP address is not available due to configuration issues. You can always login via private IP connected to KVM or on board server IPMI card 🙂

🐧 Get the latest tutorials on SysAdmin, Linux/Unix, Open Source & DevOps topics via:
CategoryList of Unix and Linux commands
File Managementcat
FirewallCentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network Utilitiesdig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNCentOS 8 Debian 10 Firewall Ubuntu 20.04

ADVERTISEMENTS
5 comments… add one
  • Gen2ly Aug 28, 2009 @ 19:16

    This is one of those things you never see listed anywhere. Thank you.

  • Isaac Oct 28, 2010 @ 13:29

    Thank you for the tip. I read the man-page and I was not sure, how I can use more IPs.

  • Jeremy Macdonalds Nov 18, 2010 @ 19:14

    Hi,

    Thanks for your tutorial.

    I have a related question.

    I have a cpanel server with multiple IPs. I created 6 websites and each had its own IP address and ssh access. When I ssh to one of these websites using its dedicated IP address as host, if I lynx to http://whatismyip.com, the IP I get back is that of the main server shared IP instead of the website dedicated IP.

    How do I fix this so that the IP returned is that that of the website?

    Thanks much

  • suvendu Oct 29, 2011 @ 9:32

    change your DNS A record. Replace shared ip by your dedicated ip

  • Tomas M. Apr 26, 2012 @ 20:53

    On ubuntu it’s:

    /etc/init.d/ssh restart

Leave a Reply

Your email address will not be published. Required fields are marked *

Use HTML <pre>...</pre>, <code>...</code> and <kbd>...</kbd> for code samples.