[macosx-unix] make sshd honor ListenAddress

[Jan Schaumann]

Hi,

So apparently sshd on Mac OS X completely ignores the ListenAddress and
Port directives in /etc/sshd_config.  AFAICT, sshd is spawned via xinetd
and reads the config file only after the connection is already
established.  All other parameters in /etc/sshd_config are indeed
honored.

Looking around, I found some gruesome hacks to make sshd listen on an
alternate port (add a new service called 'mysshd' to /etc/services, then
change /System/Library/LaunchDaemons/ssh.plist to use that service --
yuck!), but I can't find a way to make sshd listen only on one of my IP
addresses.

Yes, I guess I can enable the silly firewall and then block connections
to port 22 on one address and only allow them from the other, but this
seems like quite the hackjob around it ignoring a very standard
configuration parameter (and of course not mentioning this in the manual
pages anywhere!).

Any other ideas?

-Jan

-- 
"When it's fall in New York, the air smells as if someone's been frying
goats in it, and if you are keen to breathe the best plan is to open a
window and stick your head in a building."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 186 bytes
Desc: not available
Url : http://berdom.net/pipermail/macosx-unix/attachments/20051219/1eb4016b/attachment.bin