control of auth methods
Damien Miller
djm at mindrot.org
Sat May 8 11:48:43 EST 2004
Jefferson Ogata wrote:
> I thank what would work would be to make the sshd_config syntax consistent with
> the ~/.ssh/config syntax, but instead of Host sections, have User sections. In
> addition, instead of AllowUsers/DenyUsers you could use Allow/Deny keywords or
> something similar. We should also allow specification of sub-auth-types.
I don't think we are interested in adding complex policy enforcement
to the server. If we did this, we would be more likely to reuse an
existing policy language such as KeyNote. I had patches for this a
couple of years ago - check the archives.
-d
More information about the openssh-unix-dev
mailing list