On Tue, 28 Jan 2014 18:42:34 +0000 Brian <ad44@cityscape.co.uk> wrote: > The AllowUsers directive is a legitimate way to restrict ssh logins to > certain users. However, I do not see what (ssh keys + AllowUsers) > brings to the party that (password + AllowUsers) doesn't. A key (if kept secret) is even harder to "guess" than a password, also it's not "ssh keys + AllowUsers" it's (or should be) "ssh key + key pass-phrase + AllowUsers". Best regards.
Attachment:
signature.asc
Description: PGP signature