≡ Menu

Force OpenSSH (sshd) to listen on selected multiple IP address only

Open SSH Logo

So how do you force sshd to listen on multiple IP addresses? Let us say you have total 8 public IP address and one private IP address. You would like to bind sshd to one selected public IP (ex 70.5.xx.xx) and private IP ( only.

Luckily there is an easy way to achieve this using ListenAddress option. It specifies the local addresses sshd should listen on. If this directive is skipped from configuration file sshd will bind or list on all available IP address.

Open sshd_config:
# vi /etc/ssh/sshd_config

Specify multiple ip address on each new line with ListenAddress (multiple ListenAddress options are permitted):

Save and close the file.

Restart the sshd:
# /etc/init.d/sshd restart

Verify that sshd is only listing to specified IP address:
# netstat -tulpn | grep :22Output:

tcp        0      0    *                   LISTEN      26472/sshd
tcp        0      0    *                   LISTEN      26472/sshd

This is good if public SSHD IP address is not available due to configuration issues. You can always login via private IP connected to KVM or on board server IPMI card :)

Share this on:
{ 5 comments… add one }
  • Gen2ly August 28, 2009, 7:16 pm

    This is one of those things you never see listed anywhere. Thank you.

  • Isaac October 28, 2010, 1:29 pm

    Thank you for the tip. I read the man-page and I was not sure, how I can use more IPs.

  • Jeremy Macdonalds November 18, 2010, 7:14 pm


    Thanks for your tutorial.

    I have a related question.

    I have a cpanel server with multiple IPs. I created 6 websites and each had its own IP address and ssh access. When I ssh to one of these websites using its dedicated IP address as host, if I lynx to http://whatismyip.com, the IP I get back is that of the main server shared IP instead of the website dedicated IP.

    How do I fix this so that the IP returned is that that of the website?

    Thanks much

  • suvendu October 29, 2011, 9:32 am

    change your DNS A record. Replace shared ip by your dedicated ip

  • Tomas M. April 26, 2012, 8:53 pm

    On ubuntu it’s:

    /etc/init.d/ssh restart

Security: Are you a robot or human?

Leave a Comment