Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Mike - EMAIL IGNORED
April 19, 2007, 11:08 pm
rate this thread
access to some ip addresses (these would all be local),
but require RSA from all others? I would parse the
packets in libipq to block the password request and
response, but, of course, they are encrypted, so I
don't know how to recognize them.
Thanks for your help.
Re: restricted password access
There's a new feature ("Match") in OpenSSH 4.6 (which is newer than
what's in FC4) that allows this kind of thing.
The other way to do this with older versions is to run two copies of
sshd on different ports, one allowing password and one not, and use
firewall redirection rules to send connections from your local net to
the password-enabled one, and everyting else to the password-disabled one.
It's simpler with Match; you would put something like this in sshd_config:
Match Address 10.0.0.*
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
- » ssh on command line: force using a group size (prime size) of 1024 (and no...
- — Newest thread in » Secure Shell Forum