Setting up an SSHD failover daemon in Ubuntu
A simple post on setting up a secondary (failover/redundant) SSH daemon within Ubuntu. This post assumes you already have SSHD running.
This works with Ubuntu releases 16.04, 16.10 and 17.04.
- Copy existing sshd config file to failover config file
  # cd /etc/ssh
  # cp sshd_config sshd_config.failover
- Edit the sshd_config.failover config file:
  - Change Port from default to ALT_PORT, for example from:
    Port 22
    to
    Port 1234
  - Change PidFile from
    #PidFile /var/run/sshd.pid
    to
    PidFile /var/run/sshd.failover.pid
- If you have a firewall installed, allow inbound connections to the ALT_PORT. For example using iptables:
  # iptables -A INPUT -p tcp -m tcp --dport 1234 -j ACCEPT
  Change the 1234 to match your assigned ALT_PORT.
- Create new startup script for failover
  # cd /lib/systemd/system
  # cp ssh.service sshd.failover.service
- Edit sshd.failover.service file:
  - Change ExecStart from
    ExecStart=/usr/sbin/sshd -D $SSHD_OPTS
    to
    ExecStart=/usr/sbin/sshd -D $SSHD_OPTS -f /etc/ssh/sshd_config.failover
  - Change Alias from
    Alias=sshd.service
    to
    Alias=sshd.failover.service
- Enable and start the new SSHD failover service
  # systemctl enable sshd.failover
  # systemctl start sshd.failover
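
A collision check for the two settings this procedure changes, as an added example that is not part of the original post: two sshd instances cannot share a listening port or a PID file. The function names are hypothetical, the defaults (Port 22, PidFile /var/run/sshd.pid) are assumed from the commented lines shown above, and ports set through ListenAddress are not considered.

```shell
#!/bin/sh
# Added example (not from the original post): confirm that the failover
# sshd config cannot collide with the primary on Port or PidFile.

# values FILE KEYWORD DEFAULT
# Print every uncommented value of KEYWORD in FILE, one per line
# (keywords are case-insensitive), or DEFAULT when none is set.
# DEFAULT values used below are assumptions taken from the post.
values() {
    awk -v key="$2" -v def="$3" '
        /^[ \t]*#/ { next }                        # skip commented lines
        tolower($1) == tolower(key) { print $2; n++ }
        END { if (!n) print def }
    ' "$1"
}

# check_failover PRIMARY FAILOVER
# Returns 0 when the two configs share no port and use different PID files,
# 1 otherwise (each collision is reported on stderr).
check_failover() {
    rc=0
    # sshd listens on every Port line, so compare the full sets.
    for p in $(values "$1" Port 22); do
        if values "$2" Port 22 | grep -qxF -- "$p"; then
            echo "COLLISION: both configs listen on port $p" >&2
            rc=1
        fi
    done
    # For PidFile the first occurrence in the file is the one used.
    pid_a=$(values "$1" PidFile /var/run/sshd.pid | head -n 1)
    pid_b=$(values "$2" PidFile /var/run/sshd.pid | head -n 1)
    if [ "$pid_a" = "$pid_b" ]; then
        echo "COLLISION: both configs use PidFile $pid_a" >&2
        rc=1
    fi
    return $rc
}

# Usage: sh check_failover.sh /etc/ssh/sshd_config /etc/ssh/sshd_config.failover
if [ $# -eq 2 ]; then
    check_failover "$1" "$2"
fi
```

Running `sshd -t -f /etc/ssh/sshd_config.failover` before starting the service validates the file's syntax, but it does not detect a port or PID file shared with the primary daemon.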