Port-specific HostKeys in one sshd?



Hello!

I'd like to make sshd use different host keys on different ports...

We have only one public IP address, so we used different port numbers (22,
23, and 24) to reach multiple servers (xxx, yyy, and zzz respectively)
beyond the front one (xxx) directly from the Internet.

We are consolidating these servers into one (iii) now and would like it to
listen on all three ports using the old servers' keys so as to be as
transparent to the users as possible.

I was hoping, something like

Port 22
HostKey /etc/ssh/ssh_host_key-xxx

Port 23
HostKey /etc/ssh/ssh_host_key-yyy

Port 24
HostKey /etc/ssh/ssh_host_key-zzz

would work, but it does not -- the server uses the first one
(ssh_host_key-xxx) on all ports...

Any hope? We could, of course, run three independent sshd processes, but
that's ugly...

Thanks for ideas!

-mi
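
Added example, not part of the original post: Port and HostKey are global sshd_config directives, so one sshd instance cannot tie a key to a port. This sketch follows the fallback mentioned in the post (one sshd per port) and generates and lints one config file per old server. The port-to-key mapping is the post's; the config file names and PidFile paths are assumptions.

```shell
#!/bin/sh
# Write one minimal sshd config per former host into the directory $1.
gen_sshd_configs() {
    out_dir=$1
    mkdir -p "$out_dir" || return 1
    # port:name pairs as given in the post
    for pair in 22:xxx 23:yyy 24:zzz; do
        port=${pair%%:*}
        name=${pair##*:}
        # File name and PidFile path are assumptions, not from the post.
        cat > "$out_dir/sshd_config-$name" <<EOF
# sshd instance answering for the former host $name
Port $port
HostKey /etc/ssh/ssh_host_key-$name
PidFile /var/run/sshd-$name.pid
EOF
    done
}

# Check that every generated file binds exactly one port to exactly one
# host key and that no port is claimed by two instances.
lint_sshd_configs() {
    dir=$1
    for cfg in "$dir"/sshd_config-*; do
        [ "$(grep -c '^Port ' "$cfg")" -eq 1 ] || return 1
        [ "$(grep -c '^HostKey ' "$cfg")" -eq 1 ] || return 1
    done
    dups=$(cat "$dir"/sshd_config-* | grep '^Port ' | sort | uniq -d)
    [ -z "$dups" ]
}

# Usage: sh gen-sshd.sh /some/dir
if [ "$#" -gt 0 ]; then
    gen_sshd_configs "$1" && lint_sshd_configs "$1" && echo "configs OK in $1"
fi
```

Each file can then be validated with `sshd -t -f <file>` and started with `sshd -f <file>` (sshd must be invoked by its absolute path).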