Skip to content

gitlab-sshd : Listening on different ports

Hello,

Is it possible to configure gitlab-sshd to listen on different ports?

For example, if I wanted it to listen on port 2222 in IPv4 and 22 in IPv6.

gitlab_sshd['enable'] = true
gitlab_sshd['listen_address'] = ['*:2222', '[::]:22']

To be more precise, my GitLab is accessible :

  • in IPv4 but behind a NAT
  • in direct IPv6
flowchart TB
A[GitLab User IPv6] --22/tcp---> B[gitlab-sshd]
C[GitLab User IPv4] --22/tcp--> D[Firewall / NAT] --2222/tcp--> B

Note that I can't put the public IPv4 on the GitLab server, because it's used in src-nat for runners!

The only solution I have at the moment is to make a redirection rule with my firewall:

firewall-cmd --permanent --zone=public --add-rich-rule='rule family=ipv6 forward-port protocol=tcp port=22 to-port=2222'

Thanks