| View previous topic :: View next topic |
| Author |
Message |
Nondegenerate
n00b
Joined: 19 Jan 2004
Posts: 7
|
 Posted: Tue May 03, 2005 6:52 pm Post subject: SSH restriction and public keys. |
 |
|
| I'd like to configure SSH on my gateway box such that if an incoming SSH connection originates from a specific "blessed" IP address or range of IP addresses that authentication may take place with a user/pass and for all other incoming connections they must use key authentication. Is this possible and how can I set this up? |
|
| Back to top |
|
 |
humbletech99
Veteran
Joined: 26 May 2005
Posts: 1229
Location: London
|
| Posted: Mon Dec 19, 2005 10:44 pm Post subject: |
|
|
| setup two ssh daemons with different configs listening to different ports and then use iptables to grant the desired ip/range access to the port with user/pass and the other only allowed to the port only allowing key auth. |
|
| Back to top |
|
|
tuxmin
l33t
Joined: 24 Apr 2004
Posts: 838
Location: Heidelberg
|
| Posted: Tue Dec 20, 2005 10:40 am Post subject: |
|
|
Read the section AUTHORIZED_KEYS FILE FORMAT in "man sshd". Maybe you can use the from="pattern-list" to achieve your goal.
Alex!!!
_________________
ALT-F4 |
|
| Back to top |
|
|
Jrauch
n00b
Joined: 19 Dec 2005
Posts: 20
|
| Posted: Tue Dec 20, 2005 4:05 pm Post subject: |
|
|
Also, the allowusers and DenyUsers directives may be useful.
I think you are going to need a seperate instance of the server though. |
|
| Back to top |
|
|
|
Networking & Security
