>> i've restricted port 22 to a chosen few IP's, and run an additional ssh on >> another port that has different restrictions. i'd love if i could do both >> with just one instance, did i miss something? >> >> the problem with multiple instances is with yum updates. at first i had a >> customized /etc/init.d/sshd that started both instances, but every ssh >> update would replace it. now i have a second start script for the second >> port, but still, ssh updates kill both and only restart port 22. what is a >> better solution? > > Take a look at the "match" configuration option. Perhaps you can do what you > need in one instance with that? now that you mention it, perhaps so. matching by port isn't available, so on first look i passed it by, tho perhaps i could manage by matching on the address..