On Tue, 24 Jan 2012, Peter Eckel wrote: > On 24.01.2012, at 13:23, Alexander Farber wrote: > >> I'd like SSHd to keep listening at the_old_ip:22 but also at the_new_ip:443. > > # man sshd_config: > > ListenAddress > Specifies the local addresses sshd should listen on. The following forms may be used: > > ListenAddress host|IPv4_addr|IPv6_addr > ListenAddress host|IPv4_addr:port > ListenAddress [host|IPv6_addr]:port > > If port is not specified, sshd will listen on the address and all prior Port options specified. The > default is to listen on all local addresses. Multiple ListenAddress options are permitted. Addition- > ally, any Port options must precede this option for non port qualified addresses. > > # grep ListenAddress /etc/sshd/sshd_config: > > ListenAddress 127.0.0.1:443 > ListenAddress 192.168.42.182:22 > > # netstat -antup | grep sshd > > tcp 0 0 192.168.42.182:22 0.0.0.0:* LISTEN 31585/sshd > tcp 0 0 127.0.0.1:443 0.0.0.0:* LISTEN 31585/sshd Don't forget to tell selinux about the new port sshd is supposed to be listening on. Something like "semanage port -a -t ssh_port_t -p tcp 443" should do it. To verify what you have set something like "semanage port -l | grep ssh_port_t" should tell you. Regards, -- Tom me at tdiehl.org Spamtrap address me123 at tdiehl.org