Re: User-specific sshd_config?
This is a discussion on Re: User-specific sshd_config? within the OpenSSH Development forums, part of the Networking and Network Related category; Peter Stuge wrote: > Bob Proulx wrote: > > When faced with a similar problem I ran an additional and ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
04-04-2008
|
|||
|
|||
Re: User-specific sshd_config?
Peter Stuge wrote:
> Bob Proulx wrote: > > When faced with a similar problem I ran an additional and separate > > sshd and supplemented the configuration with command line arguments. > > In this case IIRC -oPasswordAuthentication=no -Port=2222 > > -oPidFile=/var/run/sshd-noppass.pid > > Unfortunately the user will still be authenticated by password on > port 22. You missed reading (and subsequently trimmed out) the fact that there were firewall rules involved. Just because I am a pedant here is what I said: > -oPidFile=/var/run/sshd-noppass.pid and installed a control script > /etc/init.d/sshd.nopass and then adjusted firewall rules accordingly. ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ :-) I don't know for what purpose the original poster is wanting to use specialized configuration to turn off passwords but in my case I was able to use firewall rules to ensure that only that specially configured port was accessed from an untrusted network. I was able to block the normal port and therefore able to block password access. I kept password access available from the internal private (and much more trusted) network. Bob _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@mindrot.org https://lists.mindrot.org/mailman/li...enssh-unix-dev 
|
Linear Mode
