[CentOS] sshd: listen on ip1:port1 and ip2:port2

me at tdiehl.org me at tdiehl.org
Tue Jan 24 15:37:42 UTC 2012


On Tue, 24 Jan 2012, Peter Eckel wrote:

> On 24.01.2012, at 13:23, Alexander Farber wrote:
>
>> I'd like SSHd to keep listening at the_old_ip:22 but also at the_new_ip:443.
>
> # man sshd_config:
>
>     ListenAddress
>             Specifies the local addresses sshd should listen on.  The following forms may be used:
>
>                   ListenAddress host|IPv4_addr|IPv6_addr
>                   ListenAddress host|IPv4_addr:port
>                   ListenAddress [host|IPv6_addr]:port
>
>             If port is not specified, sshd will listen on the address and all prior Port options specified.  The
>             default is to listen on all local addresses.  Multiple ListenAddress options are permitted.  Additionally,
>             any Port options must precede this option for non port qualified addresses.
>
> # grep ListenAddress /etc/sshd/sshd_config:
>
> ListenAddress 127.0.0.1:443
> ListenAddress 192.168.42.182:22
>
> # netstat -antup | grep sshd
>
> tcp    0  0 192.168.42.182:22   0.0.0.0:*   LISTEN  31585/sshd
> tcp    0  0 127.0.0.1:443       0.0.0.0:*   LISTEN  31585/sshd

Don't forget to tell SELinux about the new port sshd is supposed to be listening on.
Something like "semanage port -a -t ssh_port_t -p tcp 443" should do it.

To verify what you have set, something like "semanage port -l | grep ssh_port_t"
should tell you.

Regards,

-- 
Tom			me at tdiehl.org		Spamtrap address	 		me123 at tdiehl.org
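
The check the two messages above describe, as an added example that is not part of the original thread: it collects the ports requested by `Port` and `ListenAddress` lines in an sshd_config file and reports those missing from the `ssh_port_t` entries of `semanage port -l` output. The function names and the sample semanage listing are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical.

# sshd_ports FILE: print every TCP port the config asks sshd to bind.
# Simplification: all Port lines apply to port-less ListenAddress lines,
# regardless of their order in the file.
sshd_ports() {
    awk '
        { sub(/#.*/, "") }                                  # drop comments
        tolower($1) == "port" { port[++n] = $2; next }
        tolower($1) == "listenaddress" {
            seen = 1; a = $2
            # [host|IPv6_addr]:port  or  host|IPv4_addr:port
            if (a ~ /^\[.*\]:[0-9]+$/ || a ~ /^[^:]+:[0-9]+$/) {
                sub(/^.*:/, "", a); want[a] = 1
            } else bare = 1                                 # no port given
        }
        END {
            # Port options (default 22) count only for port-less or absent ListenAddress
            if (bare || !seen) {
                if (n == 0) port[++n] = 22
                for (i = 1; i <= n; i++) want[port[i]] = 1
            }
            for (p in want) print p
        }' "$1" | sort -n
}

# ssh_labelled: read `semanage port -l` output on stdin and print the
# tcp ports typed ssh_port_t (port ranges are not expanded).
ssh_labelled() {
    awk '$1 == "ssh_port_t" && $2 == "tcp" {
        for (i = 3; i <= NF; i++) { p = $i; sub(/,/, "", p); print p }
    }'
}

# unlabelled FILE: semanage listing on stdin; print the configured ports
# that lack the ssh_port_t label.
unlabelled() {
    labelled=$(ssh_labelled | tr '\n' ' ')
    for p in $(sshd_ports "$1"); do
        case " $labelled " in *" $p "*) ;; *) echo "$p" ;; esac
    done
}

# Constructed input: the two ListenAddress lines from the thread and a
# made-up semanage listing that only knows port 22.
cfg=$(mktemp)
printf '%s\n' 'ListenAddress 127.0.0.1:443' 'ListenAddress 192.168.42.182:22' > "$cfg"
printf 'ssh_port_t    tcp    22\n' | unlabelled "$cfg"
rm -f "$cfg"
```

On a live host, pipe `semanage port -l` into `unlabelled` and pass it the path of the sshd_config file in use; any port it prints still needs the `semanage port -a` step before sshd can bind to it under an enforcing policy.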


