[Gllug] Restricting ssh public key access

Andy McGarty andy at mcgarty.net
Thu Aug 1 14:55:58 UTC 2002


>
> > >TCP wrappers?
> >
> > How would that help?
>
> It would not and neither would firewalling. The issue can only be dealt
> with by sshd.
Sorry, I thought it was key access only. (Adn I guess I wasn't the only
one).  You didn't say you would allow standard authentication in your
original post.

If you are forcing a lower level of security for these users why not use it
globally?

If your users are giving out your keys so others can access your site, wont
they also give out standard user names and passwords?  I'm not sure what you
are gaining?
>
> > I want them to be able to log in from anywhere,
> > just if they're not coming from an approved source, then they have to
> > use password authentication, rather than public key authentication.
>
> You can certainly disallow public key authentication on a global basis. I
> don't think you can selectively apply the option though :(
>
> --
> Gllug mailing list  -  Gllug at linux.co.uk
> http://list.ftech.net/mailman/listinfo/gllug


-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug




More information about the GLLUG mailing list