Re: Running 2 ssh instances
On Tue, Feb 14, 2012 at 12:26:54AM +0100, Claudius Hubig wrote:
> Hello Sylvain,
>
> Sylvain <sylvaintersideral@gmail.com> wrote:
> >Right now I'm a bit confused by the way chroot seems to work with users.
> >I'd be grateful if someone had an idea on how to do have an ssh instance
> >running on a specific port and allowing only certain users.
>
> Check $(man sshd_config) and the AllowUser option. You should then be
> able to create a second SSHd configuration file listening on the
> appropriate port. I would then go on and maybe adapt
> either /etc/init.d/ssh slightly to also start the second server (with
> the appropriate configuration file) or create a second script doing
> the same thing.
>
I agree with Claudius. For your second instance of ssh, you don't need
a chroot. You do need:
/etc/init.d/ssh.alt
/etc/default/ssh.alt
/etc/ssh/sshd_config.alt (and use the AllowUsers and Port options)
/var/run/sshd.alt (although your init script may create this directory,
if you copy the standard ssh init script)
I do this on my system. I run LTSP on my LAN, which requires the use of
password authentication for ssh. But for access to my server from the
internet, I require public key authentication. The only way I knew how
to accomplish this was to use two instances of ssh.
-Rob
Reply to: