Hey all, New user here. I have a user "user1" that I want to allow a couple of different users "userX and userY" to be allowed to ssh into "server1" and "server2", but not both servers using ssh-keys.
So as an example. UserX will ssh user1@server2 with ssh-key, but I don't want userY to be able to successfully run the same command. I currently have userX and userY's public ssh-key attached to user1 and I have created a HBAC rule to allow user1 to connect with ssh on both server1 and server2. This is allowing user1 to connect to both servers fine, without a password. It also is allowing users (X & Y) to ssh user1@server1 and user1@server2. How can stop that to restrict userX to be able to ssh as user1 on server1, but not server2? Do I need to do something with the keytabs or add the ssh-keys for userX to the server1 host only? Sorry if this is confusing and thank you for your help on this. -- -- Do not meddle in the affairs of dragons cause you are crunchy and good with ketchup.
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project