How to run another SSH daemon on Amazon EC2 - on a different port

Michał Turecki — Fri, 31 Oct 2014 11:15:18 +0000

Running a separate SSH server only makes sense when a second SSHD will run using different settings. If settings are the same, port forwarding should be enough to just pass the traffic from one port to another:

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 20202 -j REDIRECT --to-port 22

where 20202 is the new port and 22 is the default SSH port.

If SSHD settings should be separate, we need another sshd instance with a copy of current configuration files).

Please remember to change the alternative ssh port number (20202) to a custom port.

ln -sf /usr/sbin/sshd /usr/sbin/alt_sshd
cat /etc/init.d/sshd | sed -e '/^.*sshd-keygen\s*$/! s/\([/ "]\)sshd/\1alt_sshd/' -e 's/^\(\s\+\$SSHD\)/\1 -f \/etc\/ssh\/alt_sshd_config/I' >/etc/init.d/alt_sshd
cat /etc/ssh/sshd_config | sed -e 's/^#*\s*\(pidfile.*\)sshd\.pid/\1alt_sshd.pid/I' -e 's/^#*\s*port\s\+[0-9]\+/Port 20202/I' >/etc/ssh/alt_sshd_config
cp -na /etc/sysconfig/sshd /etc/sysconfig/alt_sshd
cp -na /etc/pam.d/sshd /etc/pam.d/alt_sshd
chkconfig --add alt_sshd

After running the commands above, modify your new configuration file /etc/ssh/alt_sshd/config and start the sshd:

/etc/init.d/alt_sshd start

The chkconfig command will ensure the alt_sshd will start automatically after system restart.

linux

ssh

optimization

Michał Turecki - optimization

How to run another SSH daemon on Amazon EC2 - on a different port