I have a CVS repository inside of a firewall, and I want to allow
users to access this repository from the outside world. I can grant
access by forwarding a port on the firewall to the machine with the
CVS repository without problems. Since this is a hole in the
firewall, it introduces a security risk into the system.
As an act of extra protection, I would like to stick sshd on two ports
for the CVS machine. On port 22, sshd would run with a normal level
of security, but on the second port (which is visible to the world), I
would like to restrict all but public key identification. Putting
sshd on two ports is trivial, but I can't seem to figure out how to
configure them differently.
Is there any way to configure the two ports differently with one
As far as I can tell, settings listed in /etc/sshd.conf cannot be
tailored to specific ports, which means either I give both ports the
same permissions or run two copies of the ssh daemon which look at two
different configuration files. Either way is ugly and I'd like to
avoid doing that if at all possible.
Is there another clean and easy solution to my problem?
Thanks in advance,