Not exactly, because the sshd is started by inetd - you can as
root change that file - but you have to ensure it doesn't get
changed by mgd. So a cron script checking for what is in there
once an hour does the trick..
Thanks for your answer. That sounds like a clever workaround.
Are the sshd_config options the same as in OpenSSH? On Junos 10.2R3.10
there is no /etc/ssh/sshd_config. Can I just create a file with a single
line to change the port (leaving all other options as defaults)? e.g.
something like
Port xxxxx
Could you share the portion of your cron script that replaces
sshd_config and restarts sshd when required? I guess port 22 would still
be available between the time mgd changes the ssh_config and the time
the cron script restarts sshd. How frequently do you see mgd changing
the sshd_config?
The SSH port should be configurable in the Junos config but this may be
a reasonable way to get it implemented.
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
