Binding an SSH server to a specific IP address allows you to define the network interface that SSH listens to. This is especially useful if you have multiple network interfaces or IP addresses on your server, ensuring that SSH is only accessible via the desired IP.
Most distributions come with OpenSSH as the default SSH server, and the main configuration file for OpenSSH is sshd_config. By default, SSH server listens on all available IP addresses and network interfaces.
To bind SSH to a specific IP address, you'll need to adjust the sshd_config file and specify the desired IP address using the ListenAddress directive. This ensures enhanced security and restricts unwanted access from other network interfaces.
$ sudo nano /etc/ssh/sshd_config
You can specify multiple ListenAddress directives if you want the SSH server to listen on more than one IP address.
$ sudo systemctl restart sshd
Depending on your distribution, the SSH service might be named differently, like ssh or sshd.
$ sudo netstat -tulnp | grep sshd tcp 0 0 192.168.1.100:22 0.0.0.0:* LISTEN 1234/sshd
Ensure you have access to the server through another method before making these changes, in case of misconfiguration. Losing SSH access can lock you out!
With these steps completed, your SSH server should now be bound to the specific IP address you've provided, enhancing your server's security configuration.
Comment anonymously. Login not required.