Restrict OpenSSH to device
I am trying to restrict sshd to one device by leaving the following line in /etc/ssh/sshd_config uncommented:
Code:
ListenAddress 10.0.0.1 In my case i can still connect on all devices after a fresh reboot with the above configuration but weirdly if i restart sshd.service manually it seems to work properly. |
Yes. That is how to restrict sshd to a single IP address (not device, although an IP address can only be on one device at a time)
Out production server uses 5 IP addresses (long story). One is used only for sshd. Attempts to ssh to any other IP on that server just hang... |
Quote:
So how can i avoid ssh login on the other device/address, i have no idea where to start (distribution is archlinux) |
If you have configured sshd with
Code:
ListenAddress 10.0.0.1 Use Code:
netstat -tnlp Code:
Active Internet connections (only servers) |
I seem to have found the problem: for some reason sshd.socket is run at boot wich listens on all devices while sshd.service is disabled.
I still wonder, doesn't the socket use sshd_config? |
Don't know what sshd.socket is...Why do you have the sshd.service disabled? If it's enabled, it will use the sshd_config at boot time.
|
All times are GMT -5. The time now is 07:19 AM. |