Date: Wed, 7 May 2003 16:55:14 +0200 From: Roman Neuhauser <neuhauser@bellavista.cz> To: Adam <blueeskimo@gmx.net> Cc: freebsd-questions@freebsd.org Subject: Re: restricting users login Message-ID: <20030507145514.GT12792@freepuppy.bellavista.cz> In-Reply-To: <1052283921.6547.21.camel@jake> References: <00c201c31455$42e3b1e0$33477140@dakine> <1052283921.6547.21.camel@jake>
next in thread | previous in thread | raw e-mail | index | archive | help
# blueeskimo@gmx.net / 2003-05-07 01:05:21 -0400:
> On Wed, 2003-05-07 at 00:58, Brandon Hagedorn wrote:
> > Is there a way I can restrict user's login in ftp, and shell access. I
> > want to restrict users to only login from a certain IP range. Is this
> > possible? and if so could you direct me in the right direction(websites,
> > man pages)
>
> Most FTPd allow IP restrictions per login (I know PureFTPd does). For
> SSH, I think the only way to restrict IP's is by firewall, but thats per
> port, not per login.
actually, ssh has means of limiting certain users to certain hosts.
sshd_config(5):
AllowUsers
This keyword can be followed by a list of user name patterns,
separated by spaces. If specified, login is allowed only for
users names that match one of the patterns. `*' and `'? can be
used as wildcards in the patterns. Only user names are valid; a
numerical user ID is not recognized. By default, login is
allowed for all users. If the pattern takes the form USER@HOST
then USER and HOST are separately checked, restricting logins to
particular users from particular hosts.
--
If you cc me or remove the list(s) completely I'll most likely ignore
your message. see http://www.eyrie.org./~eagle/faqs/questions.html
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030507145514.GT12792>