Re: different ssh settings for different users


Hi Ankush,

I believe you can do this by running a different sshd for each unique
port (using ListenAddress, Port) that you wish to allow ssh connections
to, then use the "AllowUsers" configuration property for each respective
sshd to limit the logins on each port to given users. You will need to
modify or duplicate the sshd service script to cater for this, and have
multiple sshd_config files, one for each unique port.

>
hey Mr. Ben,


I tried to do the same as you told me. I created another service sshd1
under /etc/init.d
I changed some settings for sshd1 service like
CONFIG_FILE=/etc/ssh/sshd_config1
PID_FILE=/var/run/sshd1.pid
SSHD=/usr/sbin/sshd1
[ -f /etc/sysconfig/sshd1 ] && . /etc/sysconfig/sshd1
/var/lock/subsys/sshd1

the settings in /etc/ssh/sshd_config1 file

Port 3455
Listen Address 192.168.1.45
PermitRootLogin no
AllowUsers raju

the settings under /etc/ssh/sshd_config are default except I change
the listen address to 192.168.1.45 and disabled the connection for
IP6.

I restarted the sshd & sshd1 service but I am got the below error and
I am not able to ssh on the port 3455 whereas on port 22 I can ssh. I
have also copied /usr/sbin/sshd to /usr/sbin/sshd1 and had also added
this in the /etc/init.d/sshd1 file

sshd1[4238]: error: Bind to port 22 on 192.168.1.45 failed: Address
already in use.
May 31 17:32:17 cluster1 sshd1[4238]: fatal: Cannot bind any address.

sshd1 is listenting on port 3455 not on 22.

I have also added this line in /etc/modprobe.conf to disable ip6

alias net-pf-10 off

How to get rid of this problem ?

Thanks & Regards

Ankush Grover

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

Relevant Pages

  • Re: sshd and IPv4 forwarding no longer working
    ... I performed a recent upgrade and possibly openssh got upgraded as well. ... sshd is showing it is running. ... unabel to forward traffic nor does sshd answer port 22. ... Perhaps because you have the listenAddress set to 0.0.0.0? ...
    (Ubuntu)
  • Re: Odd ssh attacks?
    ... Here is how I defend against ssh attacks. ... That will stop all traffic to servers like sshd that pay attention to ... Have sshd ALSO listen on a non-standard port and open up your router ...
    (Ubuntu)
  • Re: Latest SSH?
    ... >>scan to check that ssh was the only port visible to the outside world. ... >as that's the last OpenSSH advisory published. ... can sshd be prevented from reporting its version number on ...
    (freebsd-questions)
  • Re: OpenBSD2.9 ssh to OpenBSD3.0 sshd - Secure connection to <ipaddress> refused.
    ... indicating that nothing is listening on port 22. ... I think ssh is communicating but sending information that sshd ... There is no firewall or packet filter...the machines are connected to the ...
    (comp.security.ssh)
  • Re: OpenSSH 3.4 and firewalls
    ... sshd process on my machine never acknowledges the request. ... You can see that the ssh client is attempting to connect on the ... correct port, which the firewalls should forward to my machine. ... To verify that the firewall was not at fault, I ran tcpdump with the ...
    (comp.security.ssh)