rdomain 中的 OpenBSD sshd

我正在嘗試使用 rtables 設置具有路由分離的冗餘 CARP 集群。一切正常，但我如何告訴 sshd僅在 rdomain 2 中啟動？我知道我可以手動啟動它

# route -T4 exec /usr/sbin/sshd

但是 sshd 配置中似乎沒有集成 rdomains。

sshd_config(5)顯示：

ListenAddress
        Specifies the local addresses sshd(8) should listen on.  The
        following forms may be used:

              ListenAddress hostname|address [rdomain domain]
              ListenAddress hostname:port [rdomain domain]
              ListenAddress IPv4_address:port [rdomain domain]
              ListenAddress [hostname|address]:port [rdomain domain]

        The optional rdomain qualifier requests sshd(8) listen in an
        explicit routing domain.  If port is not specified, sshd will
        listen on the address and all Port options specified.  The
        default is to listen on all local addresses on the current
        default routing domain.  Multiple ListenAddress options are
        permitted.  For more information on routing domains, see
        rdomain(4).

因此，請確保您的 sshd 配置具有例如。ListenAddress 0.0.0.0 rdomain 1. 要創建 sshd 的實例，只需執行以下操作：

# ln -s sshd /etc/rc.d/sshd_rdomainX
# rcctl enable sshd_rdomainX
# rcctl set sshd_rdomainX flags -f /etc/ssh/sshd_config-rdomainX

要對其進行測試，請嘗試：

mx1#  /usr/sbin/sshd -T -f /tmp/sshd_config  | grep listenaddress
listenaddress 0.0.0.0:22 rdomain 1
mx1# /usr/sbin/sshd -D -d -f /tmp/sshd_config                     
...
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-D'
debug1: rexec_argv[2]='-d'
debug1: rexec_argv[3]='-f'
debug1: rexec_argv[4]='/tmp/sshd_config'
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22 rdomain 1.
...

引用自：https://serverfault.com/questions/865398