Enhance Match Blocks to Test Server Port.

Ralph Corderoy ralph at inputplus.co.uk
Sat Aug 23 04:26:43 EST 2008


We'd like sshd to listen on port 22 with PasswordAuthentication = no and
port 2222 with PasswordAuthentication = yes.  At the moment, it seems
the only way to do this is to run two sshds, one per port.

Since Match blocks already allow PasswordAuthentication to be set, if
the Match keyword itself allowed testing of the server port to which the
incoming connection was made then we could do

    PasswordAuthentication no

    Match ServerPort 2222
    PasswordAuthentication yes

Does this sound plausible?  Would you consider it as an enhancement?
Should I open a bug accordingly for the work to be done against?



[I'm not subscribed, so please CC me.]

More information about the openssh-unix-dev mailing list