Re: Allow password auth for one user with sftp?
moin,
On [Sun, 14.01.2007 20:17], Stefan Fritsch wrote:
SF> On Sunday 14 January 2007 14:36, Adrian von Bidder wrote:
SF> > I have users a, b, c, d, e. All users except e can have shell
SF> > access, but beecause shell access is powerful, must not be able to
SF> > log in with password, but only with public key. User e is allowed
SF> > to log in with password and is restricted by rssh to only use scp,
SF> > sftp or rsync so that even if that password is stolen/guessed, the
SF> > attacker can at most deface the hosted web site in e's directory.
SF> >
SF> > Judging from the replies I've received so far I'll just end up
SF> > running a 2nd sshd on port 2222 or wherever.
SF>
SF> Openssh 4.4 supports per user configuration. But I don't think it will
SF> get into Debian before Etch's release.
wanted to post this too - if you mean the Match directive. but then i saw,
that match currently works for POST authentication directives like
x-forwarding.
from the man-page of sshd_config:
Available keywords are AllowTcpForwarding, ForceCommand, GatewayPorts,
PermitOpen, X11DisplayOffset, X11Forwarding, and X11UseLocalHost
hth,
roman
Reply to: