Hi,

We'd like sshd to listen on port 22 with PasswordAuthentication = no and
port 2222 with PasswordAuthentication = yes. At the moment, it seems
the only way to do this is to run two sshds, one per port.

Since Match blocks already allow PasswordAuthentication to be set, if
the Match keyword itself allowed testing of the server port to which the
incoming connection was made then we could do

PasswordAuthentication no
...

Match ServerPort 2222
PasswordAuthentication yes

Does this sound plausible? Would you consider it as an enhancement?
Should I open a bug accordingly for the work to be done against?

Cheers,


Ralph.

[I'm not subscribed, so please CC me.]

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/li...enssh-unix-dev