[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Running 2 ssh instances

2012/2/14 Rob Owens <rowens@ptd.net>:
> On Tue, Feb 14, 2012 at 12:26:54AM +0100, Claudius Hubig wrote:
>> Hello Sylvain,
>> Sylvain <sylvaintersideral@gmail.com> wrote:
>> >Right now I'm a bit confused by the way chroot seems to work with users.
>> >I'd be grateful if someone had an idea on how to do have an ssh instance
>> >running on a specific port and allowing only certain users.
>> Check $(man sshd_config) and the AllowUser option. You should then be
>> able to create a second SSHd configuration file listening on the
>> appropriate port. I would then go on and maybe adapt
>> either /etc/init.d/ssh slightly to also start the second server (with
>> the appropriate configuration file) or create a second script doing
>> the same thing.
> I agree with Claudius.  For your second instance of ssh, you don't need
> a chroot.  You do need:
> /etc/init.d/ssh.alt
> /etc/default/ssh.alt
> /etc/ssh/sshd_config.alt (and use the AllowUsers and Port options)
> /var/run/sshd.alt (although your init script may create this directory,
> if you copy the standard ssh init script)
> I do this on my system.  I run LTSP on my LAN, which requires the use of
> password authentication for ssh.  But for access to my server from the
> internet, I require public key authentication.  The only way I knew how
> to accomplish this was to use two instances of ssh.
> -Rob

That worked fine, thanks! I just had to set the PidFile option in the
/etc/ssh/sshd_config.alt to reflect the one set in the init script.


Reply to: