
Re: ssh and root logins



Russell Coker <russell@coker.com.au> wrote:

> Ideally we would be able to specify a list of acceptable IP addresses
> for each account, both in a central file and in per-user config
> files.  It would be really great if someone would write code to do
> this!

It is already possible to specify such a list in a system-wide
configuration file (sshd_config):

|     AllowUsers

| [...]

|             If the pattern takes the form USER@HOST then USER and
|             HOST are separately checked, restricting logins to
|             particular users from particular hosts.

sshd_config(5)

And when using keypair authentication, ordinary users can restrict the
hosts their keys may be used from as well:

| AUTHORIZED_KEYS FILE FORMAT

| [...]

|     from="pattern-list"
|             Specifies that in addition to RSA authentication, the
|             canonical name of the remote host must be present in the
|             comma-separated list of patterns

sshd(8)

Paul
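
An added example, not part of the original message or of OpenSSH: a small audit that reads authorized_keys content and reports which keys carry a from= restriction. It assumes the one-line key format that starts with the key type (ssh-rsa, ssh-ed25519, ...); the names split_entry and audit and the sample keys are hypothetical.

```python
import re

# Key types start with one of these; a line that begins with one has no options.
KEY_PREFIXES = ("ssh-", "ecdsa-", "sk-")
# One option: a name, optionally ="value" (the value may contain \" escapes).
OPTION_RE = re.compile(r'([A-Za-z0-9-]+)(?:="((?:\\.|[^"\\])*)")?(?:,|$)')

def split_entry(line):
    """Return (options dict, key type) for one authorized_keys line, else None."""
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    if line.startswith(KEY_PREFIXES):
        return {}, line.split()[0]
    # The options field ends at the first whitespace outside double quotes.
    in_quotes, i = False, 0
    while i < len(line):
        ch = line[i]
        if ch == "\\" and in_quotes:
            i += 1  # skip the escaped character
        elif ch == '"':
            in_quotes = not in_quotes
        elif ch.isspace() and not in_quotes:
            break
        i += 1
    rest = line[i:].split()
    options = {m.group(1).lower(): m.group(2) for m in OPTION_RE.finditer(line[:i])}
    return options, (rest[0] if rest else "")

def audit(text):
    """Return (line number, key type, from-patterns or None) for every key."""
    findings = []
    for number, line in enumerate(text.splitlines(), 1):
        entry = split_entry(line)
        if entry is not None:
            options, key_type = entry
            patterns = options.get("from")
            findings.append((number, key_type, patterns.split(",") if patterns else None))
    return findings

# Constructed sample; the key material is a placeholder, not a real key.
SAMPLE = '''\
# alice's keys
ssh-ed25519 AAAAC3placeholder1 alice@laptop
from="192.0.2.10,*.example.org" ssh-rsa AAAAB3placeholder2 alice@work
command="echo \\"hi, there\\"",from="198.51.100.*" ssh-ed25519 AAAAC3placeholder3 backup
'''

if __name__ == "__main__":
    for number, key_type, patterns in audit(SAMPLE):
        print(number, key_type, patterns or "NO from= RESTRICTION")
```

Keys reported without a from= list are usable from any host that can reach sshd, unless AllowUsers USER@HOST in sshd_config already limits that account.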


