Thanks for the suggestions. I'm pretty certain sshd should be
listening on all the interfaces:
ListenAddress is not set in sshd_config since the default is all ( right?):
sshd[29394]: debug1: Bind to port 22 on 0.0.0.0.
sshd[29394]: Server listening on 0.0.0.0 port 22.
sshd[29394]: debug1: Bind to port 22 on ::.
sshd[29394]: Server listening on :: port 22.
netstat -an | grep ':22 ' | grep LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:*
LISTEN
tcp 0 0 :::22 :::*
LISTEN
Which leaves routing issues. I am puzzled why sshd doesn't see/show
the incoming packets even at debug3. I can understand how it couldn't
complete authentication if the routing was messed up, but should it
see the incoming packets. Oh, well...
I reset sysctl.conf:
/etc/sysctl.conf:
net.ipv4.conf.default.rp_filter = 0
Now eth0 is the default gateway. And I'd like to leave it that way.
The eth3 interface is meant just for voip. But I'd also like to be
able to use ssh on both external interfaces.
ip rule add from <eth3's ip address>/32 table 128 priority 128
That worked, or at least didn't give any error, which puzzled me since
I didn't set up table 128.
But the next part was tougher:
ip route add default via <eth3's default gateway ip> table 128
eth3 is a verizon dsl line, that has a gateway of 10.32.173.xxx, which
isn't in the same net as my ip address 173.x.y.z. After some messing
around I set
route add -net 10.32.0.0 netmask 255.255.0.0 dev eth3
then
ip route add default via <eth3's default gateway ip> table 128
that worked.
And now I can ssh into both addresses. Stunned, but thankful and pleased.
Thanks for all the help.
sean
