On 5/31/06, Les Mikesell <lesmikesell@xxxxxxxxx> wrote:
On Wed, 2006-05-31 at 22:09 +0530, Ankush Grover wrote: > On 5/31/06, Steven W. Orr <steveo@xxxxxxxxxxx> wrote: > > On Wednesday, May 31st 2006 at 11:54 +0530, quoth Ankush Grover: > > > > =>I am using openssh-3.9 on FC3.Is it possible to have different ssh > > =>settings for each user means if there is a user john and he can only > > =>connect through the port 3309 and if there is a user mary she can > > =>only connect through the port 4067 ? > > => > > =>Rest of the users should be able to connect through the default port > > =>that is 5009. > >
hey friends, I am able to make multiple instances of sshd with different user settings. created multiple binaries of sshd under /usr/sbin that is sshd1 sshd2 copied /etc/pam.d/sshd to sshd1, sshd2 etc. under /etc/rc.d/rc.local added these lines /usr/sbin/sshd1 -f /etc/ssh/sshd_config1 /usr/sbin/sshd2 -f /etc/ssh/sshd_config2 in sshd_config1 & sshd_config2 modified settings for the users. only problem is that I am not able to make a service for sshd1 & sshd2. # source function library . /etc/rc.d/init.d/functions # pull in sysconfig settings [ -f /etc/sysconfig/sshd1 ] && . /etc/sysconfig/sshd1 RETVAL=0 prog="sshd1" # Some functions to make the below more readable KEYGEN=/usr/bin/ssh-keygen SSHD=/usr/sbin/sshd1 RSA1_KEY=/etc/ssh/ssh_host_key RSA_KEY=/etc/ssh/ssh_host_rsa_key DSA_KEY=/etc/ssh/ssh_host_dsa_key PID_FILE=/var/run/sshd1.pid CONFIG_FILE=/etc/ssh/sshd_config1 do_rsa1_keygen() { if [ ! -s $RSA1_KEY ]; then echo -n $"Generating SSH1 RSA host key: " if $KEYGEN -q -t rsa1 -f $RSA1_KEY -C '' -N '' >&/dev/null; then chmod 600 $RSA1_KEY chmod 644 $RSA1_KEY.pub if [ -x /sbin/restorecon ]; then /sbin/restorecon $RSA1_KEY.pub fi success $"RSA1 key generation" echo else failure $"RSA1 key generation" echo exit 1 fi fi } do_rsa_keygen() { if [ ! -s $RSA_KEY ]; then echo -n $"Generating SSH2 RSA host key: " if $KEYGEN -q -t rsa -f $RSA_KEY -C '' -N '' >&/dev/null; then chmod 600 $RSA_KEY chmod 644 $RSA_KEY.pub if [ -x /sbin/restorecon ]; then /sbin/restorecon $RSA_KEY.pub fi success $"RSA key generation" echo else failure $"RSA key generation" echo exit 1 fi fi } do_dsa_keygen() { if [ ! -s $DSA_KEY ]; then echo -n $"Generating SSH2 DSA host key: " if $KEYGEN -q -t dsa -f $DSA_KEY -C '' -N '' >&/dev/null; then chmod 600 $DSA_KEY chmod 644 $DSA_KEY.pub if [ -x /sbin/restorecon ]; then /sbin/restorecon $DSA_KEY.pub fi success $"DSA key generation" echo else failure $"DSA key generation" echo exit 1 fi fi } do_restart_sanity_check() { $SSHD -t RETVAL=$? if [ ! "$RETVAL" = 0 ]; then failure $"Configuration file or keys are invalid" echo fi } start() { # Create keys if necessary do_rsa1_keygen do_rsa_keygen do_dsa_keygen echo -n $"Starting $prog:" initlog -c "$SSHD $OPTIONS" && success || failure RETVAL=$? [ "$RETVAL" = 0 ] && touch /var/lock/subsys/sshd1 echo } stop() { echo -n $"Stopping $prog:" killproc $SSHD -TERM RETVAL=$? [ "$RETVAL" = 0 ] && rm -f /var/lock/subsys/sshd1 echo } reload() { echo -n $"Reloading $prog:" killproc $SSHD -HUP RETVAL=$? echo } case "$1" in start) start ;; stop) stop ;; restart) stop start ;; reload) reload ;; condrestart) if [ -f /var/lock/subsys/sshd1 ] ; then do_restart_sanity_check if [ "$RETVAL" = 0 ] ; then stop # avoid race sleep 3 start fi fi ;; status) status $SSHD RETVAL=$? ;; *) echo $"Usage: $0 {start|stop|restart|reload|condrestart|status}" RETVAL=1 esac exit $RETVAL When I try to start sshd1 it shows these errors in the logs Jun 1 14:59:15 test1 sshd1[4071]: error: Bind to port 22 on 192.168.1.125 failed: Address already in use. Jun 1 14:59:15 test1 sshd1[4071]: fatal: Cannot bind any address. I hope somebody can guide how to write the service script for sshd1. Thanks & Regards Ankush Grover