At 1:17 PM +1000 4/8/06, Darren Tucker wrote:
There's been some work[1] recently to extend sshd_config
to allow it to apply some config directives based on
certain attributes of the connection. If you're prepared
to try the patch, it allows for directives in sshd_config
such as:
PasswordAuthentication no
Match User user1,user2
PasswordAuthentication yes
Match Group pwallowed
PasswordAuthentication yes
and similar.
[1] http://bugzilla.mindrot.org/show_bug.cgi?id=1180
Hmm.
This probably conflicts with some changes I've been working
on, although I do agree that this is the better way to handle
many of the options. I just have to figure out how this will
alter things wrt what I have been working on.
I think the above would work better if one could define a
group of attributes (values for PasswordAuthentication, etc),
and then specify that group of attributes on a 'match'
directive.
--
Garance Alistair Drosehn = [EMAIL PROTECTED]
Senior Systems Programmer or [EMAIL PROTECTED]
Rensselaer Polytechnic Institute or [EMAIL PROTECTED]
