[nycbug-talk] Restricting OpenSSH by account/IP
steverieger
steve
Tue Mar 15 16:57:23 EST 2005
On 3/15/05 4:24 PM, "pete wright" <nomadlogic at gmail.com> wrote:
> On Tue, 15 Mar 2005 16:17:30 -0500, Paul Dlug <paul at aps.org> wrote:
>>
>> On Mar 15, 2005, at 2:14 PM, pete wright wrote:
>
>
> hmmm...i see what you mean. I was under the assumtion that sshd would
> pass on the auth. to what ever Unix authentication method you are
> using (PAM, Kerberos or what ever). At least that is how it behaves
> on my systems (and I believe that by default PAM is enabled in
> OpenSSH), not sure how you have things setup though.
>
> -p
>
May I propose the following
Use ldap for ssh authentication and only allow ssh to listen to one ip
address.
Or perhaps I am missing something here.
More information about the talk
mailing list