User-specific sshd_config?
Damien Miller
djm at mindrot.org
Sat Apr 5 18:05:06 EST 2008
On Fri, 4 Apr 2008, Ingemar Nilsson wrote:
> Hi.
>
> I wonder if it would be possible to implement support for a
> user-specific sshd_config. The primary reason is that I would like the
> ability to specify that I'm only allowed to login with a key pair, even
> though the system-wide sshd configuration still allows passwords for
> other users.
You can do this with the "Match" keyword in sshd_config now. You need
root access to configure it though.
Match user djm
PasswordAuthentication no
KbdInteractiveAuthentication no
GSSAPIAuthentication no
KerberosAuthentication no
HostbasedAuthentication no
PubkeyAuthentication yes
> Of course, a user-specific sshd_config file should not be able to break
> the security policy of the system-wide configuration, only restrict it
> even further.
>
> Would this be possible?
Anything's possible :)
-d
More information about the openssh-unix-dev
mailing list