Text only | Text with Images

OPNsense Forum

English Forums => 25.1, 25.4 Production Series => Topic started by: pavela on July 07, 2025, 09:04:50 AM

Title: ssh service address
Post by: pavela on July 07, 2025, 09:04:50 AM
If we have ssh service assigned to an interface, changing the address of this interface does not change the address in ssh (netstat -an | grep 22)
You need to remove and re-assign the interface to listen over ssh (System/Settings/Administration/Secure Shell Listen Interfaces).
Title: Re: ssh service address
Post by: Patrick M. Hausen on July 07, 2025, 09:07:06 AM
Have you tried restarting the service?
Title: Re: ssh service address
Post by: meyergru on July 07, 2025, 09:08:57 AM
You could also have restarted the SSH service instead. That is one of the reasons why one should not bind services to specific interfaces, but instead limit access via firewall rules. The implicit bind to 0.0.0.0 (or ::) will not have such problems.
Title: Re: ssh service address
Post by: pavela on July 07, 2025, 12:27:49 PM
Thanks guys.
Restarting openssh of course works. And yes, it's better to listen on all interfaces and limit it on firewall.
Text only | Text with Images