On Thu, 24 Nov 2005, Patrick wrote: > I have an server running sshd on Sarge. I want all users to be able to > access the computer from within the internal network - but restrict > access from the internet (to users in a particular group). Can this be > achieved by combining the /etc/hosts.allow or /etc/hosts.deny files and > the AllowGroup (or AllowUsers) options in sshd configuration file.
You are looking for pam_access. [EMAIL PROTECTED]:~$ grep -C3 access /etc/pam.d/ssh # Standard Un*x authentication. @include common-auth # do etc/security/access checks # weasel, Fri, 25 Feb 2005 12:05:42 +0100 account required pam_access.so # [1] # Standard Un*x authorization. @include common-account [EMAIL PROTECTED]:~$ tail -n5 /etc/security/access.conf # weasel, Fri, 25 Feb 2005 12:06:57 +0100 +:ALL:127. +:ALL:192.0.2. +:weasel:ALL -:ALL:ALL HTH. -- PGP signed and encrypted | .''`. ** Debian GNU/Linux ** messages preferred. | : :' : The universal | `. `' Operating System http://www.palfrader.org/ | `- http://www.debian.org/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]