# [SOLVED] Running two instances of sshd

## Markus09

Hallo!

I was trying to run two sshd instances with two different configs on the same machine on two different ports.

I therefore duplicated /etc/ssh/sshd_config and /etc/init.d/sshd to /etc/ssh/sshd_config_port and /etc/init.d/sshd_port.

The second config (/etc/ssh/sshd_config_port) should only allow some users to login (on another, free port), so there was a line "AllowUsers username" added to the config.

In /etc/init.d/sshd_port I changed the sshd_config entries to sshd_config_port and specified another pid file:

```
extra_commands="checkconfig"

extra_started_commands="reload"

SSHD_CONFDIR=${SSHD_CONFDIR:-/etc/ssh}

SSHD_CONFIG=${SSHD_CONFIG:-${SSHD_CONFDIR}/sshd_config_port}

SSHD_PIDFILE=${SSHD_PIDFILE:-/var/run/${SVCNAME}_port.pid}

SSHD_BINARY=${SSHD_BINARY:-/usr/sbin/sshd}

depend() {

        use logger dns

        if [ "${rc_need+set}" = "set" ]; then

                : # Do nothing, the user has explicitly set rc_need

        else

                warn_addr=''

                for x in $(awk '/^ListenAddress/{ print $2 }' "$SSHD_CONFIG" 2>/dev/null) ; do

                        case "$x" in

                                0.0.0.0|0.0.0.0:*) ;;

                                ::|\[::\]*) ;;

                                *) warn_addr="${warn_addr} $x" ;;

                        esac

                done

                unset x

                if [ "${warn_addr:+set}" = "set" ]; then

                        need net 

                        ewarn "You are binding an interface in ListenAddress statement in your sshd_config!"

                        ewarn "You must add rc_need=\"net.FOO\" to your /etc/conf.d/sshd"

                        ewarn "where FOO is the interface(s) providing the following address(es):"

                        ewarn "${warn_addr}"

                fi

                unset warn_addr

        fi

}

checkconfig() {

        if [ ! -d /var/empty ] ; then

                mkdir -p /var/empty || return 1

        fi

        if [ ! -e "${SSHD_CONFDIR}"/sshd_config_port ] ; then

                eerror "You need an ${SSHD_CONFDIR}/sshd_config_port file to run sshd"

                eerror "There is a sample file in /usr/share/doc/openssh"

                return 1

        fi

        ssh-keygen -A || return 1

        [ "${SSHD_PIDFILE}" != "/var/run/sshd_port.pid" ] \

                && SSHD_OPTS="${SSHD_OPTS} -o PidFile=${SSHD_PIDFILE}"

        [ "${SSHD_CONFDIR}" != "/etc/ssh" ] \

                && SSHD_OPTS="${SSHD_OPTS} -f ${SSHD_CONFDIR}/sshd_config_port"

        "${SSHD_BINARY}" -t ${SSHD_OPTS} || return 1

}

start() {

        checkconfig || return 1

        ebegin "Starting ${SVCNAME}"

        start-stop-daemon --start --exec "${SSHD_BINARY}" \

            --pidfile "${SSHD_PIDFILE}" \

            -- ${SSHD_OPTS}

        eend $?

}

stop() {

        if [ "${RC_CMD}" = "restart" ] ; then

                checkconfig || return 1

        fi

        ebegin "Stopping ${SVCNAME}"

        start-stop-daemon --stop --exec "${SSHD_BINARY}" \

            --pidfile "${SSHD_PIDFILE}" --quiet

        eend $?

}

reload() {

        checkconfig || return 1

        ebegin "Reloading ${SVCNAME}"

        start-stop-daemon --signal HUP \

            --exec "${SSHD_BINARY}" --pidfile "${SSHD_PIDFILE}"

        eend $?

}

```

But when I do a "start" and a "status" on the sshd_port init script, it always says that it is crashed.

A port scan of the two ports the should be open also shows that only the original sshd service is running.

Can you give me a hint why the second instance won't start?

regards,

MarkusLast edited by Markus09 on Thu Feb 19, 2015 12:35 am; edited 1 time in total

----------

## khayyam

marcus ...

You should be able to do the following (untested)

/etc/conf.d/sshd_22

```
SSHD_CONFDIR="/etc/ssh_22"
```

/etc/conf.d/sshd_2222

```
SSHD_CONFDIR="/etc/ssh_2222"
```

```
# rc-update del ssh default

# ln -s /etc/init.d/sshd /etc/init.d/sshd_{22,}22

# cp -a /etc/ssh /etc/ssh_{22,}22

# rc-update add sshd_22 default

# rc-update add sshd_2222 default
```

You then edit the respective sshd_config files and start the services.

BTW, you could use 'sshd' and 'sshd_2222' ... I just made the additional service so that it was clear what they were.

HTH & best ... khay

----------

## Markus09

Thank you!

The second config directory did the trick.

----------

