Sshd on one IP

From KallestadWiki


The following is a list of instructions to make sshd listen on only one IP address (as opposed to every IP address on the machine, which is the default behaviour).

Edit the file /etc/ssh/sshd_config:

ListenAddress 192.168.0.1
ListenAddress 192.168.0.2

(You can have multiple ListenAddress lines if you want to listen on several addresses, but not on all of them.)

Once this edit is complete, restart your sshd daemon:

/etc/rc.d/sshd restart

or

/etc/init.d/sshd restart

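Also, make sure you edit your hosts.allow and hosts.deny files so that sshd only accepts connections from a small set of addresses. These files only take effect if your sshd is built with TCP wrappers (libwrap) support; upstream OpenSSH removed that support in version 6.7.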

hosts.deny:

sshd : ALL

hosts.allow:

sshd : 192.168. 

For more info, google around or run

man 5 hosts_access
man tcpd

What ports are you listening on?

netstat -tulpn
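
As an added example (not part of the original wiki page), the script below cross-checks the ListenAddress lines in sshd_config against saved netstat -tulpn output and reports any address sshd is still bound to that the config does not list. The function names, temporary paths and sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example: the sample data below is constructed, not taken from a real host.

# Print the address of each active ListenAddress line (keyword is
# case-insensitive, commented lines are skipped, an IPv4 ":port" is dropped).
# Assumes the whitespace-separated "ListenAddress value" form.
listen_addrs() {
    awk 'tolower($1) == "listenaddress" {
             n = split($2, p, ":"); print (n == 2 ? p[1] : $2) }' "$1"
}

# Succeed only if the config names at least one address and no wildcard.
config_is_restricted() {
    addrs=$(listen_addrs "$1")
    [ -n "$addrs" ] || return 1      # no ListenAddress: sshd binds every address
    ! printf '%s\n' "$addrs" | grep -qE '^(0\.0\.0\.0|::|\[::\](:[0-9]+)?)$'
}

# Print every local address sshd is listening on (from saved
# "netstat -tulpn" output) that the config file does not list.
unexpected_listeners() {
    allowed=$(listen_addrs "$1")
    awk '$6 == "LISTEN" && $7 ~ /\/sshd/ { sub(/:[0-9]+$/, "", $4); print $4 }' "$2" |
    while read -r addr; do
        printf '%s\n' "$allowed" | grep -qxF -- "$addr" || printf '%s\n' "$addr"
    done
}

# Constructed sample: the config from this page, and netstat output from a
# daemon that was not restarted after the edit (still bound to every address).
tmp=$(mktemp -d)
cat > "$tmp/sshd_config" <<'EOF'
#ListenAddress 0.0.0.0
ListenAddress 192.168.0.1
listenaddress 192.168.0.2:22
EOF
cat > "$tmp/netstat.txt" <<'EOF'
Proto Recv-Q Send-Q Local Address    Foreign Address  State   PID/Program name
tcp        0      0 0.0.0.0:22       0.0.0.0:*        LISTEN  812/sshd
tcp6       0      0 :::22            :::*             LISTEN  812/sshd
udp        0      0 0.0.0.0:68       0.0.0.0:*                640/dhclient
EOF

config_is_restricted "$tmp/sshd_config" && echo "config: restricted"
echo "unexpected: $(unexpected_listeners "$tmp/sshd_config" "$tmp/netstat.txt")"
```

On a live host, point the functions at the real /etc/ssh/sshd_config and at the output of netstat -tulpn saved while running as root, since the PID/Program name column is only filled in for all processes when run as root.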