[clug] Starting k/ubuntu - Debian
Andrew Janke
a.janke at gmail.com
Tue May 15 00:50:18 GMT 2007
> The access.conf is used by all login programs through pam, so it covers gdm,
> mingetty etc. I usually do something like:
>
> +:mic:ALL
> +:ALL:10.
>
> This says that mic (my username) is allowed to log in from everywhere, but
> everyone else can only log in from the 10. network. This is because I just know
> the rest of the family have crappy passwords but there is nothing i can do
> about it.
:) thanks..
> I actually was not aware you can specify which users can login
> from where using sshd.conf (if so can you provide an example?). I.e. each of
> those subsystems have a chance to stop the login in turn.
AllowUsers rotor
will only allow me in.
AllowUsers rotor at some.address.com
is even more restrictive.
There is also an AllowGroups directive.
man sshd_config
has lots and lots of things for the bored. :)
Of course if you want to get ridiculous you should also start adding
things like this into your ssh keys in ~/.ssh/authorized_keys
from="hostname,hostname.fred.blogs.com" ssh-dss AAAA.......<lots of
characters that I am not copying... :)
a
More information about the linux
mailing list