If you just want your sshd to liston on multiple ports, modify your /etc/ssh/sshd_config and add one port directive for each additional port. By default, it has a line #Port 22 Activate this line and add more for the other ports: Port 22 Port 5000 Port 4233 Etc. For more info, try "man sshd_config" MARK > -----Original Message----- > From: fedora-list-bounces@xxxxxxxxxx > [mailto:fedora-list-bounces@xxxxxxxxxx] On Behalf Of John Gallagher > Sent: Monday, November 28, 2005 1:47 PM > To: fedora-list@xxxxxxxxxx > Subject: SSH on Multiple ports Fedora Core 4 > > > I have created a separate config file for SSH to run and > listen on another port (for example: 5000 RSA connections > only). I created another init script called sshd-ext in > /etc/init.d (Minor Modifications see file below). I created > file to call the new config in /etc/sysconfig/sshd-ext. > > All seems to work fine except I get errors in the security > logs. Which I have seen from others post on the Fedora forum. > > Nov 28 12:26:58 vpn sshd[26691]: error: Bind to port 5000 on > 0.0.0.0 failed: Address already in use. Nov 28 12:35:42 vpn > sshd[26691]: Received signal 15; terminating. > > I edited the conf file and specified the IP Address of the > interface to use for this config: > > Port 5000 > #Protocol 2,1 > ListenAddress 10.200.16.10 > #ListenAddress 0.0.0.0 > #ListenAddress :: > > I verified the original sshd_confid was only listening on > 0.0.0.0 and not :: > > The problem is ssh seems to use the same PID for both > processes and always wants to bind on port 22 for some > reason. If I restart one of the processes it can and > sometimes does kill the other process. > > service sshd restart will kill the process started as sshd-ext. > > I also run the same config on FC1 and I have do not have these issues. > > See version and intit scripts below: > > [root@vpn root]# rpm -qa |grep ssh > openssh-askpass-3.6.1p2-34 > openssh-3.6.1p2-34 > openssh-clients-3.6.1p2-34 > openssh-askpass-gnome-3.6.1p2-34 > openssh-server-3.6.1p2-34 > [root@vpn root]# > > [root@vpn root]# cat /etc/init.d/sshd-ext > #!/bin/bash > # > # Init file for OpenSSH server daemon > # > # chkconfig: 2345 55 25 > # description: OpenSSH server daemon > # > # processname: sshd > # config: /etc/ssh/ssh_host_key > # config: /etc/ssh/ssh_host_key.pub > # config: /etc/ssh/ssh_random_seed > # config: /etc/ssh/sshd_config > # pidfile: /var/run/sshd-ext.pid > > # source function library > . /etc/rc.d/init.d/functions > > # pull in sysconfig settings > [ -f /etc/sysconfig/sshd-ext ] && . /etc/sysconfig/sshd-ext > > RETVAL=0 > prog="sshd" > > # Some functions to make the below more readable > KEYGEN=/usr/bin/ssh-keygen SSHD=/usr/sbin/sshd > RSA1_KEY=/etc/ssh/ssh_host_key > RSA_KEY=/etc/ssh/ssh_host_rsa_key > DSA_KEY=/etc/ssh/ssh_host_dsa_key PID_FILE=/var/run/sshd-ext.pid > > do_rsa1_keygen() { > if [ ! -s $RSA1_KEY ]; then > echo -n $"Generating SSH1 RSA host key: " > if $KEYGEN -q -t rsa1 -f $RSA1_KEY -C '' -N > '' >&/dev/null; then > chmod 600 $RSA1_KEY > chmod 644 $RSA1_KEY.pub > success $"RSA1 key generation" > echo > else > failure $"RSA1 key generation" > echo > exit 1 > fi > fi > } > > do_rsa_keygen() { > if [ ! -s $RSA_KEY ]; then > echo -n $"Generating SSH2 RSA host key: " > if $KEYGEN -q -t rsa -f $RSA_KEY -C '' -N '' > >&/dev/null; then > chmod 600 $RSA_KEY > chmod 644 $RSA_KEY.pub > success $"RSA key generation" > echo > else > failure $"RSA key generation" > echo > exit 1 > fi > fi > } > > do_dsa_keygen() { > if [ ! -s $DSA_KEY ]; then > echo -n $"Generating SSH2 DSA host key: " > if $KEYGEN -q -t dsa -f $DSA_KEY -C '' -N '' > >&/dev/null; then > chmod 600 $DSA_KEY > chmod 644 $DSA_KEY.pub > success $"DSA key generation" > echo > else > failure $"DSA key generation" > echo > exit 1 > fi > fi > } > > do_restart_sanity_check() > { > $SSHD -t > RETVAL=$? > if [ ! "$RETVAL" = 0 ]; then > failure $"Configuration file or keys are invalid" > echo > fi > } > > start() > { > # Create keys if necessary > do_rsa1_keygen > do_rsa_keygen > do_dsa_keygen > > echo -n $"Starting $prog:" > initlog -c "$SSHD $OPTIONS" && success || failure > RETVAL=$? > [ "$RETVAL" = 0 ] && touch /var/lock/subsys/sshd-ext > echo > } > > stop() > { > echo -n $"Stopping $prog:" > killproc $SSHD -TERM > RETVAL=$? > [ "$RETVAL" = 0 ] && rm -f /var/lock/subsys/sshd-ext > echo > } > > reload() > { > echo -n $"Reloading $prog:" > killproc $SSHD -HUP > RETVAL=$? > echo > } > > case "$1" in > start) > start > ;; > stop) > stop > ;; > restart) > stop > start > ;; > reload) > reload > ;; > condrestart) > if [ -f /var/lock/subsys/sshd-ext ] ; then > do_restart_sanity_check > if [ "$RETVAL" = 0 ] ; then > stop > # avoid race > sleep 3 > start > fi > fi > ;; > status) > status $SSHD > RETVAL=$? > ;; > *) > echo $"Usage: $0 > {start|stop|restart|reload|condrestart|status}" > RETVAL=1 > esac > exit $RETVAL > [root@vpn root]# > > > -- > fedora-list mailing list > fedora-list@xxxxxxxxxx > To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list >
