sshd on two fibs

Doug Hardie bc979 at lafn.org
Mon Sep 21 00:35:51 UTC 2020


> On 20 September 2020, at 16:20, Grzegorz Junka <list1 at gjunka.com> wrote:
> 
> I have two WANs and a server with two interfaces, each interface reaching a different WAN. The server is configured with two routing tables, fib0 and fib1, one per the corresponding interface.
> 
> I would like sshd to listen on both interfaces but on different fibs, so that returning packets are sent to the proper gateway. Can I do it with one sshd? Do I need to run two separate sshd's? Can I run two separate sshd's on the same box?


I have sshd running on two interfaces by using pf to handle the situation.  /etc/rc.conf contains 
	sshd_enable="YES" 


pf.conf contains
	ext_if = "em0" 
	back_if = "em1" 
	set skip on lo0 
	SSH = "nn" 
	pass in all 
	pass out all
	pass in log on $back_if proto tcp from any to any port $SSH 	
	pass in log on $back_if reply-to ($back_if 192.168.1.254) proto tcp from any to any port $SSH keep state 


where:
	nn is the non-standard port I use for ssh
	192.168.1.254 is the router for the second interface.

I don't use fibs at all for this, although I do have them set up for when I want to check out the second port connections.

-- Doug
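
A default-deny variant of the reply-to approach above, as an added example that is not part of the original post: inbound traffic is blocked unless a rule passes it, and only ssh connections arriving on the second interface get reply-to state. The macro names back_gw and ssh_port and the port value 2222 are assumptions made for illustration; the interface names and gateway address are the ones from the post.

```conf
# Added example pf.conf, not the poster's ruleset.
# Macros: em0, em1 and 192.168.1.254 come from the post;
# 2222 is a constructed stand-in for the "nn" placeholder.
ext_if   = "em0"
back_if  = "em1"
back_gw  = "192.168.1.254"
ssh_port = "2222"

set skip on lo0

# Default deny inbound and log what is dropped. The post's ruleset
# uses "pass in all" / "pass out all" here instead.
block in log all

# Locally originated traffic follows the normal routing table.
pass out all keep state

# ssh arriving on the first interface: replies leave through the
# default route, so no reply-to is needed.
pass in on $ext_if proto tcp from any to any port $ssh_port keep state

# ssh arriving on the second interface: the state created by this
# rule sends replies back out $back_if via $back_gw, whatever the
# default route says. pf applies the last matching rule, so this
# rule, not "block in log all", decides for these packets.
pass in log on $back_if reply-to ($back_if $back_gw) proto tcp from any to any port $ssh_port keep state
```

Running `pfctl -nf /etc/pf.conf` parses the file without loading it; after loading, `pfctl -ss` lists the states that connections on each interface created.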



More information about the freebsd-net mailing list