Re: Running 2 ssh instances
On Mon, Feb 13, 2012 at 10:00:33PM -0700, Paul E Condon wrote:
> On 20120213_200321, Rob Owens wrote:
> > On Tue, Feb 14, 2012 at 12:26:54AM +0100, Claudius Hubig wrote:
> > > Hello Sylvain,
> > >
> > > Sylvain <firstname.lastname@example.org> wrote:
> > > >Right now I'm a bit confused by the way chroot seems to work with users.
> > > >I'd be grateful if someone had an idea on how to do have an ssh instance
> > > >running on a specific port and allowing only certain users.
> > >
> > > Check $(man sshd_config) and the AllowUser option. You should then be
> > > able to create a second SSHd configuration file listening on the
> > > appropriate port. I would then go on and maybe adapt
> > > either /etc/init.d/ssh slightly to also start the second server (with
> > > the appropriate configuration file) or create a second script doing
> > > the same thing.
> > >
> > I agree with Claudius. For your second instance of ssh, you don't need
> > a chroot. You do need:
> > /etc/init.d/ssh.alt
> > /etc/default/ssh.alt
> > /etc/ssh/sshd_config.alt (and use the AllowUsers and Port options)
> > /var/run/sshd.alt (although your init script may create this directory,
> > if you copy the standard ssh init script)
> I have been running dozens of instances of ssh simultaneously for
> years without doing anything like the above. Either it is entirely
> unnecessary or the Debian Maintainer has include all this in his
> install script. Or maybe, like gnome-terminal, a single instance can
> manage multiple indepentent windows. Either way, I have found the
> number of windows to be effectively unbounded. Have you tried it?
> I think you will find that it works.
How do you do it? Just launch sshd on the command line and specify an
alternate config file? I need two instances with two different config
files, and I need them to always be running. I figured the best way was
to duplicate the default sshd setup (as shown above). But if there's a
better way, I'd like to know.