Running SSHD on multiple ports on CentOS release 6.2 (Final)

ssh centos redhat centos6.2

I am running CentOS release 6.2 (Final).

I want the sshd port of listen on ports 22 and 1022.

I have add the following lines to /etc/ssh/sshd_config:

Port 22
Port 1022

and restarted sshd and turned iptables off however I cannot connect to sshd on port 1022.

Even if I do the following

#Port 22
Port 1022

sshd continues listening on port 22 and does not listen on port 1022. I have tried other port values besides 1022 but no luck.

Help!


If you were using CentOS 5 the configuration you describe does work but a quick test suggests that sshd on CentOS 6 won't bind to any port below 1023 except 22 - I can't find a reference for this at the moment. If you want to access sshd on multiple ports then pick one >=1024.

Update - this is related to SELinux. Current policy doesn't allow sshd to bind to non standard ports below 1023 (as experiment confirms) e.g.

semanage port -l | grep 22
ssh_port_t                     tcp      22

If you want to add an additional port <=1023 you will have to explicitly allow it in SELinux

semanage port -a -t ssh_port_t  -p tcp 1022
semanage port -l | grep 22
ssh_port_t                     tcp      1022, 22

then restart sshd

netstat -tnlp
tcp      0    0 0.0.0.0:22          0.0.0.0:*             LISTEN      25376/sshd
tcp      0    0 0.0.0.0:1022        0.0.0.0:*             LISTEN      25376/sshd

Related

How can I tell which layers there are in an in-progress fortress in Dwarf Fortress?
Is combining gems worthwhile?
How can I get a pod back from orbit when it's out of fuel?
How do I build down?
How can I find Pokemon using the "sightings" feature?
Who's the brown dinosaur in Braid?
What makes a villager spawn?
How can I disable automatically joining the General chat when I log in?
What's the best way to grow mushrooms?
How do you get SAM to shut up?
How do you make an effective Minecraft mob trap?
How long does a Pokémon stay in one location?