
Re: Running 2 ssh instances



2012/2/14 Rob Owens <rowens@ptd.net>:
> On Tue, Feb 14, 2012 at 12:26:54AM +0100, Claudius Hubig wrote:
>> Hello Sylvain,
>>
>> Sylvain <sylvaintersideral@gmail.com> wrote:
>> >Right now I'm a bit confused by the way chroot seems to work with users.
>> >I'd be grateful if someone had an idea on how to have an ssh instance
>> >running on a specific port and allowing only certain users.
>>
>> Check $(man sshd_config) and the AllowUser option. You should then be
>> able to create a second SSHd configuration file listening on the
>> appropriate port. I would then go on and maybe adapt
>> either /etc/init.d/ssh slightly to also start the second server (with
>> the appropriate configuration file) or create a second script doing
>> the same thing.
>>
> I agree with Claudius.  For your second instance of ssh, you don't need
> a chroot.  You do need:
>
> /etc/init.d/ssh.alt
> /etc/default/ssh.alt
> /etc/ssh/sshd_config.alt (and use the AllowUsers and Port options)
> /var/run/sshd.alt (although your init script may create this directory,
> if you copy the standard ssh init script)
>
> I do this on my system.  I run LTSP on my LAN, which requires the use of
> password authentication for ssh.  But for access to my server from the
> internet, I require public key authentication.  The only way I knew how
> to accomplish this was to use two instances of ssh.
>
> -Rob

That worked fine, thanks! I just had to set the PidFile option in the
/etc/ssh/sshd_config.alt to reflect the one set in the init script.

Sylvain
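
Added example, not part of the original thread: a shell check that a second sshd instance set up as described above (separate config with Port and AllowUsers, separate init script) does not collide with the main instance, and that its PidFile matches the init script. The sample file contents, port 2222, user alice and the path /var/run/sshd.alt.pid are constructed; one Port line per config and a start-stop-daemon style init script are assumed.

```sh
#!/bin/sh
# Added example: sanity-check a second sshd instance's files against the main one.
# Assumes one Port line per config and a start-stop-daemon style init script.

# Print the value of KEY from an sshd_config file (keywords are case-insensitive;
# comment lines never match because their first field starts with '#').
sshd_opt() {  # usage: sshd_opt FILE KEY
    awk -v k="$2" 'tolower($1) == tolower(k) { $1 = ""; sub(/^[ \t]+/, ""); print; exit }' "$1"
}

# Print the distinct --pidfile arguments used by an init script.
init_pidfile() {  # usage: init_pidfile INITSCRIPT
    sed -n 's/.*--pidfile[ =]\([^ ]*\).*/\1/p' "$1" | sort -u
}

# Report conflicts; the return status is the number of problems found.
check_alt() {  # usage: check_alt MAIN_CONF ALT_CONF ALT_INIT
    rc=0; def_pid=/var/run/sshd.pid   # sshd's documented default PidFile
    main_port=$(sshd_opt "$1" Port);   alt_port=$(sshd_opt "$2" Port)
    main_pid=$(sshd_opt "$1" PidFile); alt_pid=$(sshd_opt "$2" PidFile)
    [ "${alt_port:-22}" != "${main_port:-22}" ] ||
        { echo "Port: same as main instance"; rc=$((rc + 1)); }
    [ "${alt_pid:-$def_pid}" != "${main_pid:-$def_pid}" ] ||
        { echo "PidFile: shared with main instance"; rc=$((rc + 1)); }
    [ "${alt_pid:-$def_pid}" = "$(init_pidfile "$3")" ] ||
        { echo "PidFile: does not match init script"; rc=$((rc + 1)); }
    [ -n "$(sshd_opt "$2" AllowUsers)" ] ||
        { echo "AllowUsers: not set"; rc=$((rc + 1)); }
    return "$rc"
}

# Constructed sample files (port 2222, user alice and the pid path are made up).
demo=$(mktemp -d)
printf 'Port 22\nPasswordAuthentication yes\n' > "$demo/sshd_config"
printf 'Port 2222\nAllowUsers alice\n' > "$demo/sshd_config.alt"
printf 'start-stop-daemon --start --pidfile /var/run/sshd.alt.pid --exec /usr/sbin/sshd -- -f /etc/ssh/sshd_config.alt\n' > "$demo/ssh.alt"

echo "before adding PidFile:"
check_alt "$demo/sshd_config" "$demo/sshd_config.alt" "$demo/ssh.alt" || true
echo 'PidFile /var/run/sshd.alt.pid' >> "$demo/sshd_config.alt"
echo "after adding PidFile:"
check_alt "$demo/sshd_config" "$demo/sshd_config.alt" "$demo/ssh.alt" && echo "ok"
```

On a real system the arguments would be /etc/ssh/sshd_config, /etc/ssh/sshd_config.alt and /etc/init.d/ssh.alt.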

