AllowHosts / DenyHosts

[Damien Miller]

On Thu, 1 Mar 2001, Markus Friedl wrote:

> So for openssh I'd like to have
> a /etc/sshd_policy per system and a .ssh/policy per user.

Longer term, being able to send signed credentials either before or
during authentication would be really cool.

> > ...doesn't really seem like it'll gain alot of followers.  I mean,
> > I thoroughly grant you that I haven't examined Keynote nearly
> > enough to dismiss it, and honestly am interested in what you think
> > SSH would get out what might be a very significant amount of code.
>
> the parsing and eval is done by libkeynote, so all ssh has to
> do is set the variables (e.g. remote_use, remote_ip, forward_target)
> and call kn_query().

How would we handle forced commands? I couldn't see any way to get
keynote to return anything other than a pre-determined answer.

-d

-- 
| Damien Miller <djm at mindrot.org> \ ``E-mail attachments are the poor man's
| http://www.mindrot.org          /   distributed filesystem'' - Dan Geer