This article describes the steps to enable and connect with SSH on the Sophos XG Firewall. SSH access allows an administrator to run commands from the Command Line Interface (CLI) using either the Advanced Shell or the Console. The following sections are covered:
Applies to the following Sophos products and versions Sophos Firewall
Please follow the below steps to enable SSH access on the XG Firewall.
Note: For better security, since enabling SSH in the WAN zone exposes the XG Firewall to possible attacks, it is highly recommended to create an exception for a specific IP address or network that you will use to access the XG Firewall via SSH and then deny all other IP addresses. To do this, follow the example below.
SSH can be accessed using various tools:
Please refer to Sophos XG Firewall: How to SSH to the firewall using PuTTY utility
To access via Console/Terminal enter the command:
The parameter -p xx is used to define the port used for SSH connections. If port 22 is used for SSH, this can be left out as the standard rfc port for SSH is 22. For example, if you use port 5522 for SSH the correct command would be:
ssh -p 5522 firstname.lastname@example.org
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.