RE: SSH IP binding problem

From: Huijsmans, JCM (Jan) (J.C.M.Huijsmans_at_rf.rabobank.nl)
Date: 07/10/03

  • Next message: Ingolf Steinbach: "Restrict port forwarding - how?"
    Date: Thu, 10 Jul 2003 09:20:32 +0200
    To: ricardobastos <ricardobastos@netcabo.pt>, secureshell@securityfocus.com
    
    

    Hello,
     
    > 2) to have 2 instances of SSH on each machine, each of them
    > listening on a different address. Then I would force the
    > cluster to move the SSH daemon bound to IP2.port along with
    > IF2. I do not really if this is possible, specially because I
    > use tcp wrappers and I would need to reference the "sshd"
    > service, on each machine, independently.

    Works like a charm here. (at least on IBM's HACMP clustering software)
    Overhere we have the config, including keys, on a diskset that's configured to move around with the cluster.

    As soon as the IF2 interface is activated on the running system sshd is started with the cluster specific configuration with sshd -f <config>. This enables the sshd process, but there is no need for extra entries in the hosts.allow, as the daemon name is unchanged. (As I suspect sshd to use $0 for finding the correct entries)

    J. Huijsmans

    Rabobank ICT
    Serverbedrijf Unix

    ... To decode this comment into a readable form, rot13 it twice.

    ================================================
    De informatie opgenomen in dit bericht kan vertrouwelijk zijn en
    is uitsluitend bestemd voor de geadresseerde. Indien u dit bericht
    onterecht ontvangt, wordt u verzocht de inhoud niet te gebruiken en
    de afzender direct te informeren door het bericht te retourneren.
    ================================================
    The information contained in this message may be confidential
    and is intended to be exclusively for the addressee. Should you
    receive this message unintentionally, please do not use the contents
    herein and notify the sender immediately by return e-mail.


  • Next message: Ingolf Steinbach: "Restrict port forwarding - how?"

    Relevant Pages

    • Re: Partitioned cluster question (reboot during lost quorum)
      ... Welll, my own idea is to be able to boot distinctly and completely and fully outside the cluster, and to thus reduce the chances of creatively configured corruptions. ... If I can configure to avoid the problem, then I will. ... But when shadowset members appear gradually as nodes boot, ... physical drive has the valid contents comes from knowing the config, ...
      (comp.os.vms)
    • Re: Groups wont failover
      ... Node-B had an incorrect subnet mask. ... IP config for the server and saw that the subnet mask was wrong. ... If Cluster Groups are not functioning correctly, verify the IP config on the ... All resources go offline, it attempts ...
      (microsoft.public.windows.server.clustering)
    • Re: find remove all but the latest 5 files (with spaces and brackets)
      ... backup of them and then deletes any older job. ... If that produces the correct commands for you then pipe that into a shell... ... rm: cannot remove `Cluster': No such file or directory ... rm: cannot remove `Config': No such file or directory ...
      (comp.unix.shell)
    • Re: find remove all but the latest 5 files (with spaces and brackets)
      ... backup of them and then deletes any older job. ... If that produces the correct commands for you then pipe that into a shell... ... rm: cannot remove `Cluster': No such file or directory ... rm: cannot remove `Config': No such file or directory ...
      (comp.unix.shell)
    • find remove all but the latest 5 files (with spaces and brackets)
      ... I am trying to write a script that goes though my jenkins jobs create a backup of them and then deletes any older job. ... rm: cannot remove `Cluster': No such file or directory ... rm: cannot remove `Config': No such file or directory ...
      (comp.unix.shell)