user at host in AllowUsers
Pekka Savola
pekkas at netcore.fi
Thu Jun 14 07:16:46 EST 2001
On Wed, 13 Jun 2001, Allan Stokes wrote:
> Andrew's patch would do the job just fine. I hope it gets incorporated,
> especially since the SSH book implies that this kind of access control is
> possible.
This has been a feature of SSH.COM's sshd for a long time, and this is
what the book is probably referring to.
Basically methods to control connecting hosts in sshd_config have been
removed from OpenSSH because most of these features are provided by
tcp_wrappers.
Default tcp_wrappers can't handle the situation you're describing, or one
where you want to use wildcards in all possible places in hostname
definitions. There has been some debate on this in the past, but Markus
et al haven't seen the need for this.
Perhaps user at host control would be a "killer-application" in this regard?
--
Pekka Savola "Tell me of difficulties surmounted,
Netcore Oy not those you stumble over and fall"
Systems. Networks. Security. -- Robert Jordan: A Crown of Swords
More information about the openssh-unix-dev
mailing list