Re: Different SSH server settings for alias IP

On Sat, 28 Jan 2006 18:33:31 +0100 in <drg9tb$o7a$1@xxxxxxxxx> Gunnar Frenzel <Gunnar_Frenzel@xxxxxx> wrote:

[Question on odd ssh config snipped]

I found it to be less of a PITA to block port 22 on the interface I do not
want listening and put in a pf redirect rule of non-standard port on
that interface to 127.0.0.1:22 [1].

If you have a need to change other directives on a per interface basis
(IE block root login), two config files, explicitly define which IPs
and ports to bind to in each config, start two sshds.

Keep in mind that doing the second option incorrectly can lead to inadvertantly
opening the wrong port and may break things that depend on ssh localhost.

[1] Actually it's a default deny policy.
--
Chris Dukes
Suspicion breeds confidence -- Brazil
.