Match Address :?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Hi --

I'd like to allow root access (key and command, only) under specific
conditions, namely if incoming IP and port match. I'm not familiar
with the match clause, yet. Therefore, would something like ...

Match Address <IP>:<PORT>
    PermitRootLogin yes
    AllowUsers root

... work? Or would something like ...

Match Address <IP>
    port <PORT>
        PermitRootLogin yes
        AllowUsers root

... work as anticipated? The manual pages of sshd_config don't address
version 1, and don't mention the port keyword in a match conditional
block at all.

So, how would one solve the challenge: accept root from a specific
<IP>/<PORT> combination, only, but disable root for every other connect
from <any>/<different PORT>?

to let

Site Timeline