| View previous topic :: View next topic |
| Author |
Message |
Markus09
Tux's lil' helper
Joined: 22 Mar 2013
Posts: 78
|
 Posted: Wed Feb 18, 2015 11:33 pm Post subject: [SOLVED] Running two instances of sshd |
 |
|
Hallo!
I was trying to run two sshd instances with two different configs on the same machine on two different ports.
I therefore duplicated /etc/ssh/sshd_config and /etc/init.d/sshd to /etc/ssh/sshd_config_port and /etc/init.d/sshd_port.
The second config (/etc/ssh/sshd_config_port) should only allow some users to login (on another, free port), so there was a line "AllowUsers username" added to the config.
In /etc/init.d/sshd_port I changed the sshd_config entries to sshd_config_port and specified another pid file:
| Code: | extra_commands="checkconfig"
extra_started_commands="reload"
SSHD_CONFDIR=${SSHD_CONFDIR:-/etc/ssh}
SSHD_CONFIG=${SSHD_CONFIG:-${SSHD_CONFDIR}/sshd_config_port}
SSHD_PIDFILE=${SSHD_PIDFILE:-/var/run/${SVCNAME}_port.pid}
SSHD_BINARY=${SSHD_BINARY:-/usr/sbin/sshd}
depend() {
use logger dns
if [ "${rc_need+set}" = "set" ]; then
: # Do nothing, the user has explicitly set rc_need
else
warn_addr=''
for x in $(awk '/^ListenAddress/{ print $2 }' "$SSHD_CONFIG" 2>/dev/null) ; do
case "$x" in
0.0.0.0|0.0.0.0:*) ;;
::|\[::\]*) ;;
*) warn_addr="${warn_addr} $x" ;;
esac
done
unset x
if [ "${warn_addr:+set}" = "set" ]; then
need net
ewarn "You are binding an interface in ListenAddress statement in your sshd_config!"
ewarn "You must add rc_need=\"net.FOO\" to your /etc/conf.d/sshd"
ewarn "where FOO is the interface(s) providing the following address(es):"
ewarn "${warn_addr}"
fi
unset warn_addr
fi
}
checkconfig() {
if [ ! -d /var/empty ] ; then
mkdir -p /var/empty || return 1
fi
if [ ! -e "${SSHD_CONFDIR}"/sshd_config_port ] ; then
eerror "You need an ${SSHD_CONFDIR}/sshd_config_port file to run sshd"
eerror "There is a sample file in /usr/share/doc/openssh"
return 1
fi
ssh-keygen -A || return 1
[ "${SSHD_PIDFILE}" != "/var/run/sshd_port.pid" ] \
&& SSHD_OPTS="${SSHD_OPTS} -o PidFile=${SSHD_PIDFILE}"
[ "${SSHD_CONFDIR}" != "/etc/ssh" ] \
&& SSHD_OPTS="${SSHD_OPTS} -f ${SSHD_CONFDIR}/sshd_config_port"
"${SSHD_BINARY}" -t ${SSHD_OPTS} || return 1
}
start() {
checkconfig || return 1
ebegin "Starting ${SVCNAME}"
start-stop-daemon --start --exec "${SSHD_BINARY}" \
--pidfile "${SSHD_PIDFILE}" \
-- ${SSHD_OPTS}
eend $?
}
stop() {
if [ "${RC_CMD}" = "restart" ] ; then
checkconfig || return 1
fi
ebegin "Stopping ${SVCNAME}"
start-stop-daemon --stop --exec "${SSHD_BINARY}" \
--pidfile "${SSHD_PIDFILE}" --quiet
eend $?
}
reload() {
checkconfig || return 1
ebegin "Reloading ${SVCNAME}"
start-stop-daemon --signal HUP \
--exec "${SSHD_BINARY}" --pidfile "${SSHD_PIDFILE}"
eend $?
}
|
But when I do a "start" and a "status" on the sshd_port init script, it always says that it is crashed.
A port scan of the two ports the should be open also shows that only the original sshd service is running.
Can you give me a hint why the second instance won't start?
regards,
Markus
Last edited by Markus09 on Thu Feb 19, 2015 12:35 am; edited 1 time in total |
|
| Back to top |
|
 |
khayyam
Watchman
Joined: 07 Jun 2012
Posts: 6227
Location: Room 101
|
| Posted: Thu Feb 19, 2015 12:12 am Post subject: |
|
|
marcus ...
You should be able to do the following (untested)
/etc/conf.d/sshd_22
| Code: | | SSHD_CONFDIR="/etc/ssh_22" |
/etc/conf.d/sshd_2222
| Code: | | SSHD_CONFDIR="/etc/ssh_2222" |
| Code: | # rc-update del ssh default
# ln -s /etc/init.d/sshd /etc/init.d/sshd_{22,}22
# cp -a /etc/ssh /etc/ssh_{22,}22
# rc-update add sshd_22 default
# rc-update add sshd_2222 default |
You then edit the respective sshd_config files and start the services.
BTW, you could use 'sshd' and 'sshd_2222' ... I just made the additional service so that it was clear what they were.
HTH & best ... khay |
|
| Back to top |
|
|
Markus09
Tux's lil' helper
Joined: 22 Mar 2013
Posts: 78
|
| Posted: Thu Feb 19, 2015 12:35 am Post subject: |
|
|
Thank you!
The second config directory did the trick. |
|
| Back to top |
|
|
|
Networking & Security
