Date: Tue, 06 Feb 2001 21:46:54 -0800 From: Kris Kennaway <kris@obsecurity.org> To: Pete Fritchman <petef@databits.net> Cc: "'freebsd-stable@freebsd.org'" <freebsd-stable@freebsd.org> Subject: Re: ssh question Message-ID: <20010206214654.A19439@mollari.cthul.hu> In-Reply-To: <20010206122136.A27668@databits.net>; from petef@databits.net on Tue, Feb 06, 2001 at 12:21:36PM -0500 References: <77A588078DF6D3118C0A00508B8E036703875829@AMSHQB-EXCH02> <20010206091628.A12259@mollari.cthul.hu> <20010206122136.A27668@databits.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--+QahgC5+KEYLbs62 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Feb 06, 2001 at 12:21:36PM -0500, Pete Fritchman wrote: > ++ 06/02/01 09:16 -0800 - Kris Kennaway: > >On Tue, Feb 06, 2001 at 05:27:18PM +0100, Lisa Goulet wrote: > >> Hi, > >>=20 > >> Is it possible to have "PermitRootLogin" enabled but somehow limit it = to > >> only some hosts? > > > >Use a key, not a password-based login, and put a host restriction on > >the key as described in sshd(8). >=20 > Would you have to then set PasswordAuthentication to no? You wouldn't have to, but it would be an option. You could give root a locked password, for example. Kris --+QahgC5+KEYLbs62 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE6gOFOWry0BWjoQKURAjr9AKCQeWh0Yqx87IY9EsuqL/b/IFfncgCcCb6P UQAlEJcF8N3PWIQslp6ArHQ= =WmwC -----END PGP SIGNATURE----- --+QahgC5+KEYLbs62-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010206214654.A19439>