SSHD: Allow SSH Connections from localhost only

July 16th, 2009

I am doing some MPI development on my notebook using the MPICH MPI implementation.  This implementation needs an rsh/ssh connection to work properly.  I was reluctant to run a full sshd instance on my notebook as I didn’t want to open up port 22 to the world to attempt to gain access (even with password authentication disabled, root login disabled, etc.).  I did some digging and found that the sshd_config setting 'ListenAddress' would allow me to force sshd to bind to the interface associated with the specified address.  So, for example:


tells sshd to bind to lo, the loopback device. This means connections over eth* and wlan* will not work as sshd isn’t even listening on these interfaces. As far as I can tell this will do exactly what I’m looking for as I only want ssh working on my local machine and not over interfaces other than lo.