I´d like to pick your brains a bit regarding the sshd_config file and external IP address. My apologies if im posting this in a wrong forum or the topic has been covered in detail elsewhere - i could not find a satisfying answer, maybe i didnt search long enough in the right places.
We had an internal ssh server running for a while, this is now upgrade with an additional NIC.
The server will have one NIC that connects to our internal network, the other one connects directly to the internet.
The server is also acting as a router/firewall.
The server works fine, but there is one thing that has come to my attention. Its the ListenAddress keyword. As i gathered one should always tell the server what address(es) it should listen to, but we have a dynamic IP address...
My question here is: what wold be the easiest way to keep the external IP up to date in the sshd_config? I guess the most likely approach here is scripting the update of the sshd_config.
Im no expert on SSH so i´d like to hear what other solutions is out there.
Our sshd_config looks like this:
ListenAddress ???????????? <---------- External IP
AllowGroups manager biz
Subsystem sftp /usr/libexec/sftp-server
Match group secftp
All suggestions on updating the external IP and improvements of the sshd_config are greatly appreciated.