Portable OpenSSH 3.7.1p2 released
Andrea Barisani
lcars at infis.univ.trieste.it
Wed Sep 24 02:27:41 EST 2003
>
> Changes since OpenSSH 3.7.1p1:
> ==============================
>
> * This release disables PAM by default. To enable it, set "UsePAM yes" in
> sshd_config. Due to complexity, inconsistencies in the specification and
> differences between vendors' PAM implementations we recommend that PAM
> be left disabled in sshd_config unless there is a need for its use.
> Sites using only public key or simple password authentication usually
> have little need to enable PAM support.
Hi,
right now PAM is widely use with the pam_listfile.so module to grant access
for specific users only from certain hosts (es. root is allowed only from
10.1.7.1)
I beleive that this is not possible with AllowUsers and DenyUsers unless some
! (negation) operator is introduced in the configuration. That's because
AllowUsers * root at 10.1.7.1
or other variations won't work.
Do you think would be possible adding such feature or is there any other way
I'm missing for doing that :).
Bye and thanks
--
------------------------------------------------------------
INFIS Network Administrator & Security Officer .*.
Department of Physics - University of Trieste /V\
lcars at infis.univ.trieste.it - PGP Key 0x8E21FE82 (/ \)
---------------------------------------------------- ( )
"How would you know I'm mad?" said Alice. ^^-^^
"You must be,'said the Cat,'or you wouldn't have come here."
------------------------------------------------------------
More information about the openssh-unix-dev
mailing list