[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [OT] resctrict ssh to localnet for some users but not for others.

On Tue, Nov 27, 2001 at 10:23:57AM +0100, op wrote:
> This isn't debian specific but ...
> I specify  the users in /ets/ssh/sshd_config who are allowed to connect via 
> ssh. But I'd like some more control. I'd like to control which subnets user x 
> can connect from. Some should be allowed to connect from anywhere but some 
> should only be able to conect from the local network.

Use pam_access.

in /etc/security/access.conf

	-:localnetuser1 localnetuser2:ALL EXCEPT LOCAL .localdomain

in /etc/pam.d/ssh after "account requiered pam_unix.so"

	account requiered pam_access.so

hope that helps

Reply to: