[Gllug] Selective SSH logins
Kilaru Sambaiah
ksambaiah at gmail.com
Tue Aug 26 12:01:48 UTC 2008
Hi Gary,
This is what you are looking?
*DenyUsers*
This keyword can be followed by a list of user name patterns,
separated by spaces. Login is disallowed for user names that
match one of the patterns. Only user names are valid; a numeri-
cal user ID is not recognized. By default, login is allowed for
all users. If the pattern takes the form USER at HOST then USER and
HOST are separately checked, restricting logins to particular
users from particular hosts. The allow/deny directives are pro-
cessed in the following order: *DenyUsers*, *AllowUsers*,
*DenyGroups*,
and finally *AllowGroups*.
thanks,
Sam
On Tue, Aug 26, 2008 at 12:57 PM, Garry Heaton <
garry at heaton6.freeserve.co.uk> wrote:
> Anyone know how to restrict SSH password logins to one account while
> retaining key authentication for everything else? The only server-wide
> options I can see are:
>
> PubKeyAuthentication yes/no
> PasswordAuthentication yes/no
>
> I want to have everybody using key authentication but retain one password
> login in case something goes wrong with the keys.
>
> Garry
>
>
>
>
> --
> Gllug mailing list - Gllug at gllug.org.uk
> http://lists.gllug.org.uk/mailman/listinfo/gllug
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.lug.org.uk/pipermail/gllug/attachments/20080826/8d44bd24/attachment.html>
-------------- next part --------------
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list