Re: [OT] resctrict ssh to localnet for some users but not for others.

To: debian-security@lists.debian.org
Cc: op <ol1@v10a.com>
Subject: Re: [OT] resctrict ssh to localnet for some users but not for others.
From: Guillem Jover <guillem.jover@menta.net>
Date: Tue, 27 Nov 2001 17:13:38 +0100
Message-id: <[🔎] 20011127171338.C441@zulo.earth>
Mail-followup-to: debian-security@lists.debian.org, op <ol1@v10a.com>
In-reply-to: <[🔎] 200111270924.fAR9O2204321@smtp.wineasy.se>; from ol1@v10a.com on Tue, Nov 27, 2001 at 10:23:57AM +0100
References: <[🔎] 200111270924.fAR9O2204321@smtp.wineasy.se>

On Tue, Nov 27, 2001 at 10:23:57AM +0100, op wrote:
> This isn't debian specific but ...
> 
> I specify  the users in /ets/ssh/sshd_config who are allowed to connect via 
> ssh. But I'd like some more control. I'd like to control which subnets user x 
> can connect from. Some should be allowed to connect from anywhere but some 
> should only be able to conect from the local network.

Use pam_access.

in /etc/security/access.conf

	-:localnetuser1 localnetuser2:ALL EXCEPT LOCAL .localdomain

in /etc/pam.d/ssh after "account requiered pam_unix.so"

	account requiered pam_access.so

hope that helps

Reply to:

Follow-Ups:
- Re: [OT] resctrict ssh to localnet for some users but not for others.
  - From: op <ol1@v10a.com>

References:
- [OT] resctrict ssh to localnet for some users but not for others.
  - From: op <ol1@v10a.com>

Prev by Date: Re: [OT] resctrict ssh to localnet for some users but not for others.
Next by Date: urgent wdm security issue (woody & sid only)
Previous by thread: Re: [OT] resctrict ssh to localnet for some users but not for others.
Next by thread: Re: [OT] resctrict ssh to localnet for some users but not for others.
Index(es):
- Date
- Thread