Eamon Doyle via FreeIPA-users wrote: > I am trying to require ssh keys for SSH connections that originate outside of > a subnet but allowing password auth within a subnet. Before setting up > FreeIPA, I did this by setting the following in my sshd_config: > > PasswordAuthentication no > > Match Address 172.16.0.* > PasswordAuthentication yes > > > After setting up FreeIPA, this configuration seems to be ignored. Instead, > password authentication seems to be allowed from any connection if key-based > auth fails. I presume I need to make changes to the sssd configuration but > I'm having trouble finding any info on achieving this. Any info would be > helpful.
I assume you confirmed that your configuration was preserved after running ipa-client-install? rob _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
