So far as I can tell, the ssh service that runs sshd does not elegantly
support multiple instances of ssh on a single host. With SMF, it should
be as simple as creating another instance of svc:/network/ssh, setting
the config file to something different and progressing from there.
Presently it is not that simple.

Before I submit a bug (with the patch below), I'm curious if any others
have looked at solving this problem or if they've got thoughts on how it
should be solved.

Cheers,
Darren

--- sshd.orig   Wed Sep  5 09:56:35 2012
+++ sshd        Wed Sep  5 10:02:36 2012
@@ -1,13 +1,20 @@
 #!/sbin/sh
 #
 # Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
+# Copyrigth 2012 Darren Reed. All rights reserved.
 # Use is subject to license terms.
 #
 # ident        "@(#)sshd       1.4     04/11/17 SMI"

-SSHDIR=/etc/ssh
 KEYGEN="/usr/bin/ssh-keygen -q"
 PIDFILE=/var/run/sshd.pid
+ENTITIES=`svcprop -c -p config_data/entities ${FMRI} 2>/dev/null`
+if [ -n "$ENTITIES" ] ; then
+       SSHDCONFIG=`expr "${ENTITIES}" : '[^/]*/[^/]*/[^/]*\(.*\)'`
+else
+       SSHDCONFIG=/etc/ssh/sshd_config
+fi
+SSHDIR=`dirname "$SSHDCONFIG"`

 # Checks to see if RSA, and DSA host keys are available
 # if any of these keys are not present, the respective keys are
 created.
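Review bot: `${FMRI}` in the new `ENTITIES=` line is not assigned anywhere in the lines shown, and SMF hands the instance name to method scripts as `SMF_FMRI`. If `FMRI` is empty here, `svcprop` has no instance to query, the `2>/dev/null` hides the error, and every instance silently falls back to `/etc/ssh/sshd_config`, so two instances would end up sharing one config and one set of host keys. Suggest reading the property from `${SMF_FMRI}` and writing a message to the service log when the lookup fails, rather than discarding stderr. The `expr` pattern also assumes the property value always has exactly three slash-separated components before the path. A value in any other shape yields an empty `SSHDCONFIG`, which is worth checking for before `dirname` runs. Minor: "Copyrigth" in the added header line is misspelled.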
@@ -17,10 +24,10 @@
        keytype=$2

        if [ ! -f $keypath ]; then
-               grep "^HostKey $keypath" $SSHDIR/sshd_config > /dev/null
2>&1
+               grep "^HostKey $keypath" "$SSHDCONFIG" > /dev/null 2>&1
                if [ $? -eq 0 ]; then
                        echo Creating new $keytype public/private host
                        key pair
-                       $KEYGEN -f $keypath -t $keytype -N ''
+                       $KEYGEN -f "$keypath" -t "$keytype" -N ''
                        return $?
                fi
        fi
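Review bot: the `grep "^HostKey $keypath" "$SSHDCONFIG"` test is looser and stricter than it should be at the same time. It requires exactly one space after `HostKey`, so a config line that uses a tab or several spaces is not matched and the key is never generated. It also treats `$keypath` as an unanchored regular expression, so `/etc/ssh/ssh_host_rsa_key` also matches a line naming `/etc/ssh/ssh_host_rsa_key.old`. An exact field comparison, for example awk with `$1 == "HostKey" && $2 == p`, would agree with how the `-c` branch parses the same file. The context line `if [ ! -f $keypath ]` is still unquoted while the `$KEYGEN` call now quotes `"$keypath"`, so quote both for consistency.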
@@ -38,8 +45,10 @@
 case $1 in
        # sysidconfig/sys-unconfig arguments (-c and -u)
 '-c')
-       create_key $SSHDIR/ssh_host_rsa_key rsa
-       create_key $SSHDIR/ssh_host_dsa_key dsa
+       for keyfile in `awk '/^HostKey/ { print $2; } ' "$SSHD_CONFIG"`;
do
+               type=`expr "$keyfile" : '.*_\([rd]sa\)_.*'`
+               create_key "$keyfile" "$type"
+       done
        ;;

 '-u')
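Review bot: the awk call in the `-c` branch reads `"$SSHD_CONFIG"`, but the variable set at the top of the script and used everywhere else is `SSHDCONFIG`, with no underscore. As written, the loop gets an empty file name and no host keys are created during sysidconfig. Rename it to `"$SSHDCONFIG"`. Separately, `expr "$keyfile" : '.*_\([rd]sa\)_.*'` returns an empty string for any HostKey path that does not contain `_rsa_` or `_dsa_`, and `create_key` is then called with an empty key type that is passed on to `ssh-keygen -t`. Skip the entry, or report it, when `$type` is empty.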
@@ -50,12 +59,12 @@

        # SMF arguments (start and restart [really "refresh"])
 'start')
-       /usr/lib/ssh/sshd
+       /usr/lib/ssh/sshd -f "$SSHDCONFIG"
        ;;

 'restart')
        if [ -f "$PIDFILE" ]; then
-               /usr/bin/kill -HUP `/usr/bin/cat $PIDFILE`
+               /usr/bin/kill -HUP `/usr/bin/cat "$PIDFILE"`
        fi
        ;;


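Review bot: `start` now passes `-f "$SSHDCONFIG"`, but `restart` still signals whatever PID is in the fixed `PIDFILE=/var/run/sshd.pid` from the top of the script. With two instances, both daemons write that same file unless each config sets its own `PidFile`, so a refresh of one instance can send HUP to the other, or to nothing. Suggest deriving `PIDFILE` per instance, for example from the `PidFile` directive in `$SSHDCONFIG` with `/var/run/sshd.pid` as the fallback, and documenting that each instance's config must set a distinct value.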