I have an ipa-server-2.2.0-16.el6.x86_64 server serving different version
of ipa-clients and so far it has been good. I have noticed that some of our
DEVs have started to ssh into some of the systems that I had no intention
of making available through ssh.

I have tried to revoke specific group ssh permission from a certain host
and I don't seem to be having luck. I have only looked under policy and IPA
server tabs but these two tabs seem like they can only add more access/role
from the default user.

Would it be possible to deny ssh access per host without pulling a host off
FreeIPA management?

Thanks in advance

Freeipa-users mailing list

Reply via email to