user at host in AllowUsers

Pekka Savola pekkas at
Thu Jun 14 07:16:46 EST 2001

On Wed, 13 Jun 2001, Allan Stokes wrote:
> Andrew's patch would do the job just fine.  I hope it gets incorporated,
> especially since the SSH book implies that this kind of access control is
> possible.

This has been a feature of SSH.COM's sshd for a long time, and this is
what the book is probably referring to.

Basically methods to control connecting hosts in sshd_config have been
removed from OpenSSH because most of these features are provided by

Default tcp_wrappers can't handle the situation you're describing, or one
where you want to use wildcards in all possible places in hostname
definitions.  There has been some debate on this in the past, but Markus
et al haven't seen the need for this.

Perhaps user at host control would be a "killer-application" in this regard?

Pekka Savola                 "Tell me of difficulties surmounted,
Netcore Oy                   not those you stumble over and fall"
Systems. Networks. Security.  -- Robert Jordan: A Crown of Swords

More information about the openssh-unix-dev mailing list