Hello,
I realize I worded the last message poorly. I meant to run ps to list the sshd processes so you could see the command that was used to start them. This would tell you whether or not the -f options was being used when ext_ssh was started. The problems you are seeing are mainly with the ext_ssh file. The instructions were written for Redhat and need to be reworked for Ubuntu because its service startup scripts have a different structure.

I took a look at an Ubuntu installation. There is no OPTIONS variable in /etc/init.d/ssh so the "OPTIONS=" line you added has no effect. Instead, it uses a SSHD_OPTS variable. Find the "init-functions" line and add the following line after it:

SSHD_OPTS="-f /etc/ssh/external_sshd_config"

Change all "sshd.pid" strings to "ext_sshd.pid". The following sed command should work:
sed -i -r -e "s/(ext_)?sshd\.pid/ext_sshd.pid/g" /etc/init.d/ext_ssh

I have attached a script I used to configure sshd on my Ubuntu test image. It's pretty raw but it works for me. Please reply if you have any problems with it. I'll update the documentation with this script if it's working properly.

Hope this helps,
Andy

Kiran N wrote:
Thanks Andy for the response!

After stopping all the SSH services, I restarted the external ssh by the
command
/etc/init.d/ext_ssh start
and as you said, ext_ssh is listening on the private IP address.
I am attaching the ssh, ext_ssh and external_ssh_config files.
Also the output for command used to start the external sshd process:
ps -ef | grep sshd
is not as you said.

Hope this helps to figure out the problem!
#!/bin/bash

function set_config {
        if [ $# -ne 3 ]
        then
                echo "usage: set_config [config_file] [keyword] [value]"
                exit 1
        fi

        config_file=$1
        keyword=$2
        value=$3
        
        if [ $value == '#' ]
        then
                #echo "Commenting $keyword lines in $config_file"
                sed -i -r -e "s/^[ #]*($keyword .*)/#\1/" $config_file
        else
                if [ `grep -i -r -c "^[ #]*$keyword " $config_file` == '0' ]
                then
                        #echo "Adding $keyword value to $config_file"
                        echo "$keyword $value" >> $config_file
                else
                        escaped_value=$(echo $value | sed -e 's/\//\\\//g')
                        #echo Setting $keyword to $value in $config_file
         sed -i -r -e "s/^[ #]*($keyword).*/\1 $escaped_value/" $config_file    
                fi
        fi
        
        #grep -i -r "^[ #]*$keyword" $config_file
        
        return 1;
}

clear
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.ORIG

set_config '/etc/ssh/sshd_config' 'StrictModes' 'no'
set_config '/etc/ssh/sshd_config' 'X11Forwarding' 'yes'
set_config '/etc/ssh/sshd_config' 'KeyRegenerationInterval' '0'
set_config '/etc/ssh/sshd_config' 'MaxStartups' '#'

cp /etc/ssh/sshd_config /etc/ssh/external_sshd_config

set_config '/etc/ssh/external_sshd_config' 'PidFile' '/var/run/ext_sshd.pid'

sed -i -r -e "s/^[ #]*AllowUsers.*//g" /etc/ssh/sshd_config
sed -i -r -e "s/^[ #]*AllowUsers.*//g" /etc/ssh/external_sshd_config

sed -i -r -e "s/^[ #]*ListenAddress.*//g" /etc/ssh/sshd_config
sed -i -r -e "s/^[ #]*ListenAddress.*//g" /etc/ssh/external_sshd_config

IP0=$(ifconfig eth0 | grep 'inet addr' | awk '{print $2}' | awk -F: '{print 
$2}')
IP1=$(ifconfig eth1 | grep 'inet addr' | awk '{print $2}' | awk -F: '{print 
$2}')
echo "IP eth0: $IP0"
echo "IP eth1: $IP1"

echo "AllowUsers root" >> /etc/ssh/sshd_config

echo "ListenAddress $IP0" >> /etc/ssh/sshd_config
echo "ListenAddress $IP1" >> /etc/ssh/external_sshd_config

cp /etc/init.d/ssh /etc/init.d/ext_ssh
sed -i -r -e "s/(ext_)?sshd\.pid/ext_sshd.pid/g" /etc/init.d/ext_ssh
sed -i -r -e "s/\"sshd\"/\"ext_sshd\"/g" /etc/init.d/ext_ssh
sed -i -r -e "s/(.*init-functions)/\1\n\nSSHD_OPTS=\"-f 
\/etc\/ssh\/external_sshd_config\"/" /etc/init.d/ext_ssh

echo
echo Stopping sshd services...
service ssh stop
sleep 2
service ext_ssh stop
sleep 2

rm -f /var/run/*sshd*pid

echo
echo Starting sshd services...
service ssh start
sleep 2
service ext_ssh start

echo
echo sshd processes:
pgrep -fl "sbin.sshd"
echo
echo sshd.pid: `cat /var/run/sshd.pid`
echo ext_sshd.pid: `cat /var/run/ext_sshd.pid`

Reply via email to