The ssh server-source command specifies a source interface for an SSH server.
The undo ssh server-source command restores the default setting.
By default, the source interface of an SSH server is not specified.
| Parameter | Description | Value |
|---|---|---|
| -i loopback interface-number | Specifies a loopback interface as the source interface of an SSH server. | - |
Usage Scenario
By default, an SSH server receives connection requests from all interfaces so that the system is vulnerable to attacks. To enhance system security, you can specify the source interface of the SSH server. This sets a login condition and only authorized users can log in to the SSH server.
Prerequisites
Before running the ssh server-source command, ensure that the loopback interface to be specified as the source interface has been created. If the loopback interface is not created, the ssh server-source command cannot be correctly executed.
Configuration Impact
After the source interface is specified, the system only allows SFTP or STelnet users to log in to the SSH server through this source interface, and SFTP or STelnet users logging in through other interfaces are denied. Note that setting this parameter only affects SFTP or STelnet users that attempt to log in to the SSH server, and it does not affect SFTP or STelnet users that have logged in to the server.
Precautions
After the source interface of an SSH server is specified using this command, ensure that SFTP or STelnet users can access the source interface at Layer 3. Otherwise, the SFTP or STelnet users will fail to log in to the SSH server.