--0vzXIDBeUiKkjNJl
Content-Type: text/plain; charset=iso-8859-15
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Also sprach Andy Ruhl (acruhl@gmail.com)
> On 8/17/05, Steven M. Bellovin <smb@cs.columbia.edu> wrote:
>=20
> Is it your goal to just listen on 2 ports or actually run a totally
> separate instance? If the later, do you mind if I ask why?

Multiple sshd instances can be useful if you want redundancy for
security reasons (even sshd might crash or hang, so a fallback
solution is required) or if you want to use several instances for
several users/groups.=20

On our PostgreSQL server, three instances of sshd listen,=20
one on :22 and another on :443, they are the same and
:443 serves as a fallback solution. Additionally, both are set to
accept PubKey only and allow only my user, to avoid dictionary
attacks. A third sshd listens on the internal NIC for the institutes
members, it is filtered with ipf to allow only specified clients and
it does allow password based authentication.


BTW: sometime ago I wrote a German explanation of the sshd.config
options, it can be fount at http://www.net-tex.de/unix/ssh.html

--=20
PGP FPR: CF74 D5F2 4871 3E5C FFFE 0130 11F4 C41E B3FB AE33
--=20
Der Geist des Kriegers sollte mit Beginn des Neujahrstages bis zum Ende=20
des Jahres vom Gedanken an seinen Tod beherrscht werden.

Daijouji Shigesuke in "Budo Shoshin Shuu"

--0vzXIDBeUiKkjNJl
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (NetBSD)

iD8DBQFDA5KvEfTEHrP7rjMRApGVAJ9IqLfRGSCGuiqx3XBocY1G7DEsyQCaAjvU
RkC6qKbnjoYZVrbS2lpsHcI=
=tHQv
-----END PGP SIGNATURE-----

--0vzXIDBeUiKkjNJl--