How to change the sshd listen address on Mac OS X?

Question

This question is similar to the question here, about changing the sshd port on Mac OSX, but instead of changing the port number, I want to change the listen address of my Mac's ssh server. Setting it in /etc/sshd_config doesn't work (just like it doesn't work for port numbers).

According to the man page on SSHD_CONFIG(5):

On Mac OS X, sshd is started on demand by launchd(8). The specification of the address on which sshd will listen is given in the launchd.plist(5) file /System/Library/LaunchDaemons/ssh.plist. The values of ListenAddress and Port are only used when sshd is run from the command line. Use launchctl(1) to unload and load the plist file. The port number on which sshd listens can be set by changing the value of the SockServiceName key in the plist file.

This answer shows how to set SockServiceName to change the port number, but I'm unclear on how to change the listen address.

Deos anyone know how?

About the close vote: Why would this not be about server administration (just because it is a Mac OS X server?) Please note, that the linked, closely related question was also posted and answered on serverfault. — Chris Lercher, Feb 19 '15 at 16:23
I suspect it was *mostly* the fact that you tagged it with mac-osx, but not the server tag. That very old post you linked to predates some very radical changes in this site's topicality rules, which probably didn't help either. And, to be fair to us, we get [a lot of crappy, off-topic questions about end-users' Macs and VPSes and any other technology you can think of that's popular with computer hobbyists](http://serverfault.com/questions/tagged/off-topic), so the community's a little quick on the draw for closing questions that even *resemble* `"halp me with my cimputer pls kia thxbai1!"` — HopelessN00b, Feb 20 '15 at 04:14

score 3 · Accepted Answer · answered Mar 06 '15 at 13:07

3

The answer is similar to the one you linked to.

In the file /System/Library/LaunchDaemons/ssh.plist, you need to edit the Listeners item. The IP address can be specified with they key SockNodeName. When you're done, the Listeners part of the file should look something like this:

 <key>Listeners</key>
 <dict>
         <key>SockNodeName</key>
         <string>10.10.1.70</string>  ####This is the IP address you want
         <key>SockServiceName</key>
         <string>ssh</string>
         <key>Bonjour</key>
         <array>
                 <string>ssh</string>
                 <string>sftp-ssh</string>
         </array>
 </dict>

Once you're done, you reload the config by doing

sudo launchctl unload /System/Library/LaunchDaemons/ssh.plist
sudo launchctl load /System/Library/LaunchDaemons/ssh.plist

answered Mar 06 '15 at 13:07

Jenny D

27,358
21
74
110

That's the perfect answer – Chris Lercher Mar 06 '15 at 21:29
Note: This doesn't seem to be documented anywhere. – Chris Lercher Mar 06 '15 at 21:36
@ChrisLercher It's in the manpage for launchd.plist, but it's not terribly clear. – Jenny D Mar 07 '15 at 06:02
@ChrisLercher Oh, BTW, you could use a hostname instead of an IP address if you like. – Jenny D Mar 07 '15 at 06:02

score -2 · Answer 2 · answered Mar 06 '15 at 13:05

-2

sshd has a ListenAddress config option. i do not know if OS/X has a new enough version of ssh for this.

i have used this on an older Ubuntu server to get sshd to listen on port 443 with Apache listening to the same port on another IP.

answered Mar 06 '15 at 13:05

Skaperen

1,064
2
11
21

If you re-read the question, you'll see that this does not work in MacOSX - it uses a separate configuration for this. – Jenny D Mar 06 '15 at 13:08
it has a modified ssh or generates the ssh config? knowing this is needed to solve – Skaperen Mar 06 '15 at 13:11
Yes, knowing how the OS handles configuration for starting system daemons is indeed needed to solve the problem. – Jenny D Mar 06 '15 at 13:21

How to change the sshd listen address on Mac OS X?

2 Answers2