5 C
New York
Saturday, December 28, 2024

Run a secondary SSH server on MacOS Sequoia


I exploit SSH extensively for intersystem communication inside a personal (192.x.x.x) community. Now there’s a want to permit solely some features (notably SCP) with a few servers from the exterior world. So, persevering with to make use of port 22 internally, I want to arrange a extra restricted SSH server (say on port 10022) for entry from the web (sure, I’m conscious of the dangers and take the duty if all of it falls aside).

I do not see that query addressed right here at Ask Totally different(ly). I see there’s a /and so on/ssh/sshd_config file and it appears fairly customary… is it only a matter of duplicating and modifying that, and doing the identical with a plist? If that’s the case, the place would I discover that plist?

(I discovered /System/Library/LaunchDaemons/ssh.plist however that claims it is disabled. I additionally discovered /System/Library/LaunchAgents/com.openssh.ssh-agent.plist however I am undecided that is proper both, particularly since it’s within the Brokers (not Daemons) listing.

Currenly, the energetic strains in /and so on/ssh/sshd_config_alt are:

Port xxxxx
SyslogFacility AUTH
LogLevel INFO
PubkeyAuthentication sure
AuthorizedKeysFile      .ssh/authorized_keys
PasswordAuthentication no
AllowAgentForwarding no
AllowTcpForwarding no
PermitTTY no
PermitUserEnvironment no
ForceCommand internal-sftp

That is what transpires when an individual tries to SSH to that system

> ssh -p nnnnn macstudio                                                                                                                                                                 
PTY allocation request failed on channel 0
This service permits sftp connections solely.
Connection to macstudio closed.

In fact, the modified port 22 /and so on/ssh/sshd_config file limits the incoming connections to native community.

Related Articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest Articles