Hello,
On 8/8/06, holger glaess <[EMAIL PROTECTED]> wrote:
hi
i hope this list is the right one for my question .
i look for an funktion to limit the login by name AND ip range.
example.
root login ALLOW from www.xxx.yyy.zzz
deny from all
myname login ALLOW from all
deny from www.xxx.yyy.zzz
if there exist an feature / funktion of sshd to do this or i need an additional
software ?
sshd_config(5):
AllowUsers
This keyword can be followed by a list of user name patterns,
separated by spaces. If specified, login is allowed only for us-
er names that match one of the patterns. Only user names are
valid; a numerical user ID is not recognized. By default, login
is allowed for all users. If the pattern takes the form US-
[EMAIL PROTECTED] then USER and HOST are separately checked,
restricting
logins to particular users from particular hosts. The allow/deny
directives are processed in the following order: DenyUsers,
AllowUsers, DenyGroups, and finally AllowGroups.
See PATTERNS in ssh_config(5) for more information on patterns.
For example, "AllowUsers [EMAIL PROTECTED] [EMAIL PROTECTED]"
i diden4t wan4t to start an diskussion about security and why i have permit to
login as root.
holger
--
Dmitri A. Alenitchev
No place like $HOME
