Re: authentication in ssh
First off, thank all of you for your replies. Since I was unable
to find a standard way to achieve what I wanted, I've developed a
set of patches for OpenSSH 3.7.1p1. The patch adds a new
configuration option, by which you can define what authentication
methods are available for a given <user|group, host> twin.
Unfortunately, I will only work for protocol versions 1.99 and
above. If you're interested, just drop me an e-mail.
On Wed, Nov 12, 2003 at 10:23:08AM -0600, David Ehle wrote:
>
> Hmm, just occured to me that you could do the following, though I think it
> would be considered a kludge. Run 2 sshd daemons on different ports. On
I think I'll choose this approach in the long run anyway. Having a
separated daemon for the powerusers (including me in this context)
seems reasonable, so that I won't be locked out if the "public"
sshd gets DoSed somehow.
> This would mean however that you power users would need to custom
> configure their ssh clients to talk to your oddball port. Kind of
> inconvenient...
Packet filters are more of my concerns. Probably a few REDIRECT
rules will be needed.
bit,
adam
--
1024D/37B8D989 954B 998A E5F5 BA2A 3622 82DD 54C2 843D 37B8 D989
finger://borso@vekoll.vein.hu | Some days, my soul's confined
http://www.keyserver.net | And out of mind
Sleep forever
Reply to: