On Sat, May 10, 2008 at 10:09:11PM -0600, David Burgess wrote: > On Fri, May 9, 2008 at 6:27 AM, Rob Owens <[EMAIL PROTECTED]> wrote: > > Rob Owens wrote: > >> On Thu, Mar 06, 2008 at 01:31:50PM +0100, Oliver Grawert wrote: > >>> hi, > >>> Am Mittwoch, den 05.03.2008, 13:44 -0500 schrieb Rob Owens: > >>>> I'd like to run 2 instances of ssh on my LTSP 5 server, so that I may > >>>> disallow password authentication from the internet. I know I can > >>>> compile from source for the 2nd instance, but is there any way of using > >>>> Ubuntu's openssh-server package for both instances? Can I somehow tell > >>>> the package to install its binary and config files in /usr/local? > >>> just copy the initscript to ssh_custom or so and add the matching > >>> parameters to the daemon call ... > > Could I beg for some expansion here? I'm trying to do the same here. I did > > cp /etc/init.d/ssh to /etc/init.d/ssh_ltsp > cp /etc/default/ssh /etc/default/ssh_ltsp > update-rc.d ssh_ltsp defaults > > replaced "etc/default/ssh" with "/etc/default/ssh_ltsp" in > /etc/init.d/ssh_ltsp > added SSHD_OPTS=-p2222 to /etc/default/ssh_ltsp and > /etc/init.d/ssh_ltsp start > > It appears to start ok but > netstat -lnt | grep 2222 > > turns up nothing. Where have I gone wrong here? > I think the issue has to do with the pid file. Try this:
In /etc/default/ssh_ltsp change: SSHD_OPTS=-p2222 to SSHD_OPTS="-f /path/to/alternate/sshd_config" Of course you'll also need to create the alternate sshd_config file, and include these lines: # What ports, IPs and protocols we listen for Port 2222 # Alternate PID file PidFile /var/run/sshd2222.pid Note that you can also change the authentication methods allowed, as I did. For instance, I allowed password authentication on the LTSP ssh port, but not on the "from the internet" port. Here's the diff of my 2 init.d files (I used port 22001 as my alternate port, so adjust as necessary): $ diff ssh ssh22001 9,10c9,10 < if test -f /etc/default/ssh; then < . /etc/default/ssh --- > if test -f /etc/default/ssh22001; then > . /etc/default/ssh22001 23,25c23,25 < if [ ! -d /var/run/sshd ]; then < mkdir /var/run/sshd < chmod 0755 /var/run/sshd --- > if [ ! -d /var/run/sshd22001 ]; then > mkdir /var/run/sshd22001 > chmod 0755 /var/run/sshd22001 41,42c41,42 < echo -n "Starting OpenBSD Secure Shell server: sshd" < start-stop-daemon --start --quiet --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS --- > echo -n "Starting OpenBSD Secure Shell server: sshd on port 22001" > start-stop-daemon --start --quiet --pidfile /var/run/sshd22001.pid > --exec /usr/sbin/sshd -- $SSHD_OPTS 46,47c46,47 < echo -n "Stopping OpenBSD Secure Shell server: sshd" < start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/sshd.pid --- > echo -n "Stopping OpenBSD Secure Shell server: sshd on port 22001" > start-stop-daemon --stop --quiet --oknodo --pidfile > /var/run/sshd22001.pid 55c55 < start-stop-daemon --stop --signal 1 --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd --- > start-stop-daemon --stop --signal 1 --quiet --oknodo --pidfile > /var/run/sshd22001.pid --exec /usr/sbin/sshd 62,63c62,63 < echo -n "Restarting OpenBSD Secure Shell server: sshd" < start-stop-daemon --stop --quiet --oknodo --retry 30 --pidfile /var/run/sshd.pid --- > echo -n "Restarting OpenBSD Secure Shell server: sshd on port 22001" > start-stop-daemon --stop --quiet --oknodo --retry 30 --pidfile > /var/run/sshd22001.pid 65c65 < start-stop-daemon --start --quiet --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS --- > start-stop-daemon --start --quiet --pidfile /var/run/sshd22001.pid > --exec /usr/sbin/sshd -- $SSHD_OPTS Hope that helps! -Rob ------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone _____________________________________________________________________ Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto: https://lists.sourceforge.net/lists/listinfo/ltsp-discuss For additional LTSP help, try #ltsp channel on irc.freenode.net
