AllowHosts / DenyHosts

Damien Miller djm at
Fri Mar 2 19:24:41 EST 2001

On Thu, 1 Mar 2001, Markus Friedl wrote:

> So for openssh I'd like to have
> a /etc/sshd_policy per system and a .ssh/policy per user.

Longer term, being able to send signed credentials either before or
during authentication would be really cool.

> > ...doesn't really seem like it'll gain alot of followers.  I mean,
> > I thoroughly grant you that I haven't examined Keynote nearly
> > enough to dismiss it, and honestly am interested in what you think
> > SSH would get out what might be a very significant amount of code.
> the parsing and eval is done by libkeynote, so all ssh has to
> do is set the variables (e.g. remote_use, remote_ip, forward_target)
> and call kn_query().

How would we handle forced commands? I couldn't see any way to get
keynote to return anything other than a pre-determined answer.


| Damien Miller <djm at> \ ``E-mail attachments are the poor man's
|          /   distributed filesystem'' - Dan Geer

More information about the openssh-unix-dev mailing list