#168 Linux 25.01.2008
How to run two instances of sshd on Debian

Only a few steps are necessary to run several ssh daemons in parallel: create a second sshd_config, create a second init script, and add the second sshd to the default runlevels.

Why is it not possible to just start sshd a second time? The second sshd would try to use the same IP address and the same port, which is not possible. The reason is that a given combination of IP address and port can only be bound once on a system. So we need to run the second sshd on a different IP address, on a different port, or both.

Let's assume we want to run the second ssh daemon on a different IP address. For security reasons we also want to change the standard port, which is 22.

First, copy /etc/ssh/sshd_config to, let's say, /etc/ssh/sshd_two_config. Then open the copy and modify the two lines at the beginning of the file which start with "Port" and "ListenAddress". Set another port, e.g. 10022, and change the IP address.

Now copy the init script /etc/init.d/ssh to, let's say, /etc/init.d/ssh_two. In the copy, search for all lines which contain the command "start-stop-daemon" and change the pidfile like this:

from
    --pidfile /var/run/sshd.pid
to
    --pidfile /var/run/sshd_two.pid

Then find the two lines which contain the variable "$SSHD_OPTS". After this variable (which is set by /etc/default/ssh) add an additional parameter that sets a different sshd config file:

from
    -- $SSHD_OPTS
to
    -- $SSHD_OPTS -f /etc/ssh/sshd_two_config

The last step is to add the second sshd instance to the default runlevels. This is done by executing the following command:

    update-rc.d ssh_two defaults

Now the new sshd can be started with /etc/init.d/ssh_two. To check the result you can use

    netstat -tulpen

The column "PID/Program name" must now contain two sshd records. Also check the column "Local Address" for these lines to confirm that they show the correct IP addresses and ports.
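The file edits described above, scripted as an added example that is not part of the original page. The function names, the sample files and the address 192.0.2.10 are constructed; the PidFile line is an addition the original steps do not mention: sshd writes its own pid file, so the second config names the same file the init script's --pidfile points at.

```shell
#!/bin/sh
# Added example. Works on whatever paths it is given, so try it on copies first.

# make_second_config SRC DST PORT ADDR PIDFILE
# Drops active Port/ListenAddress/PidFile lines and writes one of each at the
# top (Port first, so the ListenAddress that follows picks it up).
# PidFile is an addition to the page's steps: it keeps the second daemon from
# writing /var/run/sshd.pid, which belongs to the first one.
make_second_config() {
    {
        printf 'Port %s\nListenAddress %s\nPidFile %s\n' "$3" "$4" "$5"
        grep -Ev '^[[:space:]]*(Port|ListenAddress|PidFile)[[:space:]]' "$1"
    } > "$2"
}

# make_second_init SRC DST CONF PIDFILE
# Rewrites every --pidfile argument and appends "-f CONF" after $SSHD_OPTS.
make_second_init() {
    sed -e 's|--pidfile /var/run/sshd\.pid|--pidfile '"$4"'|g' \
        -e 's|-- \$SSHD_OPTS|& -f '"$3"'|g' "$1" > "$2"
    chmod 755 "$2"
}

# check_second_instance CONF INIT PIDFILE
# Returns 0 only if nothing still points at the first daemon's port 22 or
# pid file and every line that passes $SSHD_OPTS also passes -f.
check_second_instance() {
    [ "$(grep -Ec '^[[:space:]]*Port[[:space:]]' "$1")" -eq 1 ] || return 1
    grep -Eq '^[[:space:]]*Port[[:space:]]+22[[:space:]]*$' "$1" && return 1
    grep -q "^PidFile $3\$" "$1" || return 1
    grep -q -- '--pidfile /var/run/sshd\.pid' "$2" && return 1
    grep -F -- '-- $SSHD_OPTS' "$2" | grep -Fqv -- ' -f ' && return 1
    return 0
}

# Constructed sample input (not the real Debian files), then a dry run.
work=$(mktemp -d)
printf 'Port 22\n#ListenAddress 0.0.0.0\nProtocol 2\n' > "$work/sshd_config"
cat > "$work/ssh" <<'EOF'
start-stop-daemon --start --quiet --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS
start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/sshd.pid
EOF
make_second_config "$work/sshd_config" "$work/sshd_two_config" 10022 192.0.2.10 /var/run/sshd_two.pid
make_second_init "$work/ssh" "$work/ssh_two" /etc/ssh/sshd_two_config /var/run/sshd_two.pid
check_second_instance "$work/sshd_two_config" "$work/ssh_two" /var/run/sshd_two.pid \
    && echo "second instance files OK"
rm -rf "$work"
```

Before starting the second daemon, `sshd -t -f /etc/ssh/sshd_two_config` parses the new config and reports errors without opening a listener.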