I am trying to require ssh keys for SSH connections that originate outside of a
subnet but allowing password auth within a subnet. Before setting up FreeIPA,
I did this by setting the following in my sshd_config:
PasswordAuthentication no
Match Address 172.16.0.*
PasswordAuthentication yes
After setting up FreeIPA, this configuration seems to be ignored. Instead,
password authentication seems to be allowed from any connection if key-based
auth fails. I presume I need to make changes to the sssd configuration but I'm
having trouble finding any info on achieving this. Any info would be helpful.
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
