Subject: Re: running a second sshd
To: Steven M. Bellovin <smb@cs.columbia.edu>
From: Andy Ruhl <acruhl@gmail.com>
List: netbsd-users
Date: 08/17/2005 09:38:42
On 8/17/05, Steven M. Bellovin <smb@cs.columbia.edu> wrote:
> In message <78a2305a0508170923737aa828@mail.gmail.com>, Andy Ruhl writes:
> >On 8/17/05, Steven M. Bellovin <smb@cs.columbia.edu> wrote:
> >> Given the rc.d structure, what is the cleanest way to run a second cop=
y
> >> of sshd with a different configuration file? The machine in question
> >> is running 2.0.2, if that matters.
> >
> >I *thought* you could specify more than one port in the config file...
> >
> >Is it your goal to just listen on 2 ports or actually run a totally
> >separate instance? If the later, do you mind if I ask why?
> >
>=20
> The primary instance listens on 0.0.0.0:22. The second instance needs
> to listen to port 443 on a particular IP address, for reasons that I
> suspect are obvious.... I had not realized that multiple Listen:
> statements were allowed; I'll certainly try that. (The two answers I
> received -- copying rc.d/sshd and using rc.local -- are obvious but not
> clean...)
>=20
> --Steven M. Bellovin, http://www.cs.columbia.edu/~smb
Yep, that is obvious :)
The man page for sshd_config states that you can use more than one
ListenAddress statement, hopefully in such a way that you can listen
on different IP addresses (it would kind of defeat the point if not).
Andy