On Tue, Feb 14, 2012 at 12:26:54AM +0100, Claudius Hubig wrote: > Hello Sylvain, > > Sylvain <sylvainterside...@gmail.com> wrote: > >Right now I'm a bit confused by the way chroot seems to work with users. > >I'd be grateful if someone had an idea on how to do have an ssh instance > >running on a specific port and allowing only certain users. > > Check $(man sshd_config) and the AllowUser option. You should then be > able to create a second SSHd configuration file listening on the > appropriate port. I would then go on and maybe adapt > either /etc/init.d/ssh slightly to also start the second server (with > the appropriate configuration file) or create a second script doing > the same thing. > I agree with Claudius. For your second instance of ssh, you don't need a chroot. You do need:
/etc/init.d/ssh.alt /etc/default/ssh.alt /etc/ssh/sshd_config.alt (and use the AllowUsers and Port options) /var/run/sshd.alt (although your init script may create this directory, if you copy the standard ssh init script) I do this on my system. I run LTSP on my LAN, which requires the use of password authentication for ssh. But for access to my server from the internet, I require public key authentication. The only way I knew how to accomplish this was to use two instances of ssh. -Rob -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120214010321.ga15...@aurora.owens.net