On October 5, 2004 04:43 pm, Aaron Seigo wrote: > On October 5, 2004 13:53, Nick W wrote: > > I think I'm being misunderstood, I don't want root login w/out passwords, > > I want to be able to login as root from my local subnet, but not from > > outside. > > yes i understood. unfortunately, ssh's [Allow|Deny][Users|Groups] access > controls are pretty basic. the [Allow|Deny]Groups doesn't take an @host, > and the rules aren't "chained" but are rather "absolute". i've played with > these mechanisms in the past to get what you are looking for and couldn't > manage to get a working setup that met my desires. now, maybe i'm just > missing something (completely possible), but i've tried a few different > ways and haven't been able to do it. > > ergo, i suggested using key auth for the root user only. this allows your > users to keep using their passwords just like always, but rachet's up the > security for the root account by using keys and known hosts.
AHH, tis I that didn't understand :) hmm I'll ponder that one for a while.... thanks, Nick _______________________________________________ clug-talk mailing list [EMAIL PROTECTED] http://clug.ca/mailman/listinfo/clug-talk_clug.ca Mailing List Guidelines (http://clug.ca/ml_guidelines.php) **Please remove these lines when replying
