Jason Edgecombe wrote:
[...]
what about using the "AllowUser u...@host" option in /etc/ssh/sshd_config?
If you use ssh keys or kerberos ticket forwarding, then I think that PAM
is bypassed entirely depending on your sshd config. check the "UsePAM"
sshd option.
Thanks, Jason. You are right. Currently I have to use ssh keys for root
in order to be able to test the pam.d/sshd in case I do something
wrong and lose access to the server.
I also tried AllowUsers in sshd_config. I can limit u...@host2, u...@host3
but how do I specify other people have no limit ?
When I have
AllowUsers u...@host2 u...@host3
then I can limit u2 and u3 to login only from u2 and i3, correspondingly
but no other users can login.
When I have
AllowUsers u...@host2 u...@host3 *
then u2 and u3 can login just fine from anywhere.
Thanks,
Vu
_______________________________________________
rhelv5-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/rhelv5-list
