[nycbug-talk] Restricting OpenSSH by account/IP
Okan Demirmen
okan
Tue Mar 15 17:11:38 EST 2005
paul,
sorry i've deleted the orignal post, but if i get the jist of what
you are looking for....as you've heard, doing this with ssh keys is
easy, however, there are some other ways - setup 2 sshd processes, and
bind one to another port, or maybe another aliased ip. then use the
Alow{Users,Groups} option in each respective sshd_config. or you could
just write a shell script that is the shell for the internal users,
which checks source ip then exec()'s a real shell. i'm sure there are
other ideas and ways...
$.02
okan
--
Okan Demirmen <okan at demirmen.com>
PGP-Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB3670934
PGP-Fingerprint: 226D B4AE 78A9 7F4E CD2B 1B44 C281 AF18 B367 0934
More information about the talk
mailing list