Re: different ssh settings for different users(solved)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 5/31/06, Les Mikesell <lesmikesell@xxxxxxxxx> wrote:
On Wed, 2006-05-31 at 22:09 +0530, Ankush Grover wrote:
> On 5/31/06, Steven W. Orr <steveo@xxxxxxxxxxx> wrote:
> > On Wednesday, May 31st 2006 at 11:54 +0530, quoth Ankush Grover:
> >
> > =>I am using openssh-3.9 on FC3.Is it possible to have different ssh
> > =>settings for each user means if there is a user john and he can only
> > =>connect through the port 3309 and if  there is a user mary she can
> > =>only connect through the port 4067 ?
> > =>
> > =>Rest of the users should be able to connect through the default port
> > =>that is 5009.
> >

hey friends,

I am able to make multiple instances of sshd with different user settings.

created multiple binaries of sshd under /usr/sbin that is sshd1 sshd2

copied /etc/pam.d/sshd to sshd1, sshd2 etc.

under /etc/rc.d/rc.local added these lines

/usr/sbin/sshd1 -f /etc/ssh/sshd_config1
/usr/sbin/sshd2 -f /etc/ssh/sshd_config2

in sshd_config1 & sshd_config2 modified settings for the users.

only problem is that I am not able to make a service for sshd1 & sshd2.

# source function library
. /etc/rc.d/init.d/functions

# pull in sysconfig settings
[ -f /etc/sysconfig/sshd1 ] && . /etc/sysconfig/sshd1

RETVAL=0
prog="sshd1"

# Some functions to make the below more readable
KEYGEN=/usr/bin/ssh-keygen
SSHD=/usr/sbin/sshd1
RSA1_KEY=/etc/ssh/ssh_host_key
RSA_KEY=/etc/ssh/ssh_host_rsa_key
DSA_KEY=/etc/ssh/ssh_host_dsa_key
PID_FILE=/var/run/sshd1.pid
CONFIG_FILE=/etc/ssh/sshd_config1
do_rsa1_keygen() {
	if [ ! -s $RSA1_KEY ]; then
		echo -n $"Generating SSH1 RSA host key: "
		if $KEYGEN -q -t rsa1 -f $RSA1_KEY -C '' -N '' >&/dev/null; then
			chmod 600 $RSA1_KEY
			chmod 644 $RSA1_KEY.pub
			if [ -x /sbin/restorecon ]; then
			    /sbin/restorecon $RSA1_KEY.pub
			fi
			success $"RSA1 key generation"
			echo
		else
			failure $"RSA1 key generation"
			echo
			exit 1
		fi
	fi
}

do_rsa_keygen() {
	if [ ! -s $RSA_KEY ]; then
		echo -n $"Generating SSH2 RSA host key: "
		if $KEYGEN -q -t rsa -f $RSA_KEY -C '' -N '' >&/dev/null; then
			chmod 600 $RSA_KEY
			chmod 644 $RSA_KEY.pub
			if [ -x /sbin/restorecon ]; then
			    /sbin/restorecon $RSA_KEY.pub
			fi
			success $"RSA key generation"
			echo
		else
			failure $"RSA key generation"
			echo
			exit 1
		fi
	fi
}

do_dsa_keygen() {
	if [ ! -s $DSA_KEY ]; then
		echo -n $"Generating SSH2 DSA host key: "
		if $KEYGEN -q -t dsa -f $DSA_KEY -C '' -N '' >&/dev/null; then
			chmod 600 $DSA_KEY
			chmod 644 $DSA_KEY.pub
			if [ -x /sbin/restorecon ]; then
			    /sbin/restorecon $DSA_KEY.pub
			fi
			success $"DSA key generation"
			echo
		else
			failure $"DSA key generation"
			echo
			exit 1
		fi
	fi
}

do_restart_sanity_check()
{
	$SSHD -t
	RETVAL=$?
	if [ ! "$RETVAL" = 0 ]; then
		failure $"Configuration file or keys are invalid"
		echo
	fi
}

start()
{
	# Create keys if necessary
	do_rsa1_keygen
	do_rsa_keygen
	do_dsa_keygen

	echo -n $"Starting $prog:"
	initlog -c "$SSHD $OPTIONS" && success || failure
	RETVAL=$?
	[ "$RETVAL" = 0 ] && touch /var/lock/subsys/sshd1
	echo
}

stop()
{
	echo -n $"Stopping $prog:"
	killproc $SSHD -TERM
	RETVAL=$?
	[ "$RETVAL" = 0 ] && rm -f /var/lock/subsys/sshd1
	echo
}

reload()
{
	echo -n $"Reloading $prog:"
	killproc $SSHD -HUP
	RETVAL=$?
	echo
}

case "$1" in
	start)
		start
		;;
	stop)
		stop
		;;
	restart)
		stop
		start
		;;
	reload)
		reload
		;;
	condrestart)
		if [ -f /var/lock/subsys/sshd1 ] ; then
			do_restart_sanity_check
			if [ "$RETVAL" = 0 ] ; then
				stop
				# avoid race
				sleep 3
				start
			fi
		fi
		;;
	status)
		status $SSHD
		RETVAL=$?
		;;
	*)
		echo $"Usage: $0 {start|stop|restart|reload|condrestart|status}"
		RETVAL=1
esac
exit $RETVAL

When I try to start sshd1 it shows these errors in the logs

Jun  1 14:59:15 test1 sshd1[4071]: error: Bind to port 22 on
192.168.1.125 failed: Address already in use.
Jun  1 14:59:15 test1 sshd1[4071]: fatal: Cannot bind any address.


I hope somebody can guide how to write the service script  for sshd1.

Thanks & Regards

Ankush Grover


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux