How to allow SSH traffic on one of the interface and restrict on other interfaces ?

Solution Unverified - Updated -


  • Red Hat Enterprise Linux 6
  • Red Hat Enterprise Linux 7
  • Red Hat Enterprise Linux 8
  • Red Hat Enterprise Linux 9


  • How to configure sshd service listen to requests only on certain interfaces ?
  • A server with multiple interfaces are configured to use different IP addresses. How to allow SSH traffic on one of the interface and restrict on other interfaces.
  • How to restrict SSH traffic only through a single interface(IP Address) ?


  • By default sshd or SSH service listens request on all the interfaces.
$ grep sshd netstat
tcp        0      0        *                   LISTEN      0          12412      3522/sshd           off (0.00/0/0)
  • To configure sshd listen on a particular interface edit /etc/ssh/sshd_config and update IP address on which sshd should listen. sshd will only listen to the configured interface, requests on another interface will not be entertained.

$ vi /etc/ssh/sshd_config
ListenAddress <IP_address>
  • To configure sshd to listen on multiple interface, append list of IP address as below:
ListenAddress <IP_address1>
ListenAddress <IP_address2>
  • Also make sure sshd service is restarted after the changes are done in the configuration file.

For Red Hat Enterprise Linux 6

service sshd restart

For Red Hat Enterprise Linux 7 and Later

systemctl restart sshd

Diagnostic Steps

  • Check binded interfaces for sshd on which it is listening.
[root@server-0 ~]# netstat -ntlup | grep sshd
tcp        0      0    *               LISTEN      29342/sshd          
tcp6       0      0 :::22                   :::*                    LISTEN      29342/sshd  

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.