Re: MAC-based ssh
On Fri May 02, 2003 at 02:34:17PM +0200, Oliver Hitz wrote:
> On 02 May 2003, Hans van Leeuwen wrote:
> > I have decided to do this thrue SSH by putting the client key in
> > authorized_keys2. But this seems a little risky, so I was wondering if
> > it was possible to get sshd to only allow the client MAC-address.
>
[...]
> It is also possible to further restrict this connection. Something
> like
>
> command="/etc/init.d/bind restart",from="..." ssh-rsa ...
>
> will restart bind for every such connection without giving the user
> any other possibilities. Check sshd(8) for more options.
Better for an unprivileged user:
command="sudo /etc/init.d/bind restart",from="..." ssh-rsa ...
so long
Thomas
--
.''`. Obviously we do not want to leave zombies around. - W. R. Stevens
: :' : Thomas Krennwallner <djmaecki at ull dot at>
`. `'` 1024D/67A1DA7B 9484 D99D 2E1E 4E02 5446 DAD9 FF58 4E59 67A1 DA7B
`- http://bigfish.ull.at/~djmaecki/
Reply to: