## This makes a second instance of sshd available on another port. ## Installation instructions: (may pipe this into sh -s) # Need of course a copy of the sshd: # (Copy this again each time openssh is updated!!) cp -p /usr/sbin/sshd /usr/sbin/sshd2 # You'll also want a symlink ln -sf ../../etc/init.d/sshd2 /usr/sbin/rcsshd2 # Apply patch: patch -p0 -b < /etc/local/SuSEfirewall2-3.1suse8.2.diff # After applying the patch with patch -p0 -b, rename the init.d scripts: mv /etc/init.d/sshd /etc/init.d/sshd2 mv /etc/init.d/sshd.orig /etc/init.d/sshd exit --- /etc/sysconfig/ssh.orig 2003-05-12 11:35:16.000000000 +1200 +++ /etc/sysconfig/ssh 2003-06-13 12:31:22.000000000 +1200 @@ -6,3 +6,15 @@ # Options for sshd # SSHD_OPTS="" + +## Path: Network/Remote access/SSH +## Description: backup SSH server settings +## Type: string +## Default: "" +# +# Options for backup ssh daemon, and port number it's listening on +# (Both variables are used by the init script) +# This extension by Volker Kuhlmann. +# +SSHD_2_PORT="2222" +SSHD_2_OPTS="-4 -o Port=$SSHD_2_PORT -o Protocol=2" --- /etc/init.d/sshd 2003-03-19 01:15:30.000000000 +1200 +++ /etc/init.d/sshd2 2003-06-13 12:41:39.000000000 +1200 @@ -3,19 +3,22 @@ # # Author: Jiri Smid # -# /etc/init.d/sshd +# /etc/init.d/sshd2 # # and symbolic its link # -# /usr/sbin/rcsshd +# /usr/sbin/rcsshd2 +# +# Volker Kuhlmann: +# Start up a second sshd on another port. # ### BEGIN INIT INFO -# Provides: sshd +# Provides: sshd2 # Required-Start: $network $remote_fs # Required-Stop: $network $remote_fs # Default-Start: 3 5 # Default-Stop: 0 1 2 6 -# Description: Start the sshd daemon +# Description: Start the backup sshd daemon ### END INIT INFO SSHD_BIN=/usr/sbin/sshd @@ -24,11 +27,26 @@ SSHD_SYSCONFIG=/etc/sysconfig/ssh test -r $SSHD_SYSCONFIG || exit 6 . $SSHD_SYSCONFIG +SSHD_OPTS="$SSHD_2_OPTS" +SSHD_PORT="$SSHD_2_PORT" -SSHD_PIDFILE=/var/run/sshd.init.pid +SSHD_PIDFILE=/var/run/sshd2.init.pid . /etc/rc.status +# Check of the port for the backup sshd is specified +test -n "$SSHD_PORT" || { + echo "\$SSHD_2_PORT is unset - was /etc/sysconfig/ssh modified?" + exit 6 +} +# Create the hardlink of second sshd if necessary +test -e "${SSHD_BIN}2" || { + echo "Creating hardlink ${SSHD_BIN}2 to $SSHD_BIN" + ln $SSHD_BIN "${SSHD_BIN}2" +} +SSHD_BIN="${SSHD_BIN}2" +test -x $SSHD_BIN || exit 5 + # Shell functions sourced from /etc/rc.status: # rc_check check and set local and overall rc status # rc_status check and set local and overall rc status @@ -57,21 +75,21 @@ ssh-keygen -t rsa -b 1024 -f /etc/ssh/ssh_host_rsa_key -N '' fi - echo -n "Starting SSH daemon" + echo -n "Starting backup SSH daemon (port $SSHD_PORT)" ## Start daemon with startproc(8). If this fails ## the echo return value is set appropriate. - startproc -f -p $SSHD_PIDFILE /usr/sbin/sshd $SSHD_OPTS -o "PidFile=$SSHD_PIDFILE" + startproc -f -p $SSHD_PIDFILE $SSHD_BIN $SSHD_OPTS -o "PidFile=$SSHD_PIDFILE" # Remember status and be verbose rc_status -v ;; stop) - echo -n "Shutting down SSH daemon" + echo -n "Shutting down backup SSH daemon" ## Stop daemon with killproc(8) and if this fails ## set echo the echo return value. - killproc -p $SSHD_PIDFILE -TERM /usr/sbin/sshd + killproc -p $SSHD_PIDFILE -TERM $SSHD_BIN # Remember status and be verbose rc_status -v @@ -97,15 +115,15 @@ ## Signal the daemon to reload its config. Most daemons ## do this on signal 1 (SIGHUP). - echo -n "Reload service sshd" + echo -n "Reload service sshd2" - killproc -p $SSHD_PIDFILE -HUP /usr/sbin/sshd + killproc -p $SSHD_PIDFILE -HUP $SSHD_BIN rc_status -v ;; status) - echo -n "Checking for service sshd " + echo -n "Checking for service sshd2 " ## Check status with checkproc(8), if process is running ## checkproc will return with exit status 0. @@ -115,7 +133,7 @@ # 2 - service dead, but /var/lock/ lock file exists # 3 - service not running - checkproc -p $SSHD_PIDFILE /usr/sbin/sshd + checkproc -p $SSHD_PIDFILE $SSHD_BIN rc_status -v ;;