From owner-freebsd-stable  Thu Feb  8  0:48:25 2001
Delivered-To: freebsd-stable@freebsd.org
Received: from sdmail0.sd.bmarts.com (sdmail0.sd.bmarts.com [192.215.234.86])
	by hub.freebsd.org (Postfix) with SMTP id 5E17637B491
	for <freebsd-stable@freebsd.org>; Thu,  8 Feb 2001 00:48:05 -0800 (PST)
Received: (qmail 4629 invoked by uid 1078); 8 Feb 2001 08:48:06 -0000
Received: from localhost (sendmail-bs@127.0.0.1)
  by localhost with SMTP; 8 Feb 2001 08:48:06 -0000
Date: Thu, 8 Feb 2001 00:48:06 -0800 (PST)
From: Gordon Tetlow <gordont@bluemtn.net>
X-X-Sender:  <gordont@sdmail0.sd.bmarts.com>
To: Pete Fritchman <petef@databits.net>
Cc: Kris Kennaway <kris@obsecurity.org>,
	"'freebsd-stable@freebsd.org'" <freebsd-stable@freebsd.org>
Subject: Re:  ssh question
In-Reply-To: <20010206122136.A27668@databits.net>
Message-ID: <Pine.BSF.4.31.0102080047350.20481-100000@sdmail0.sd.bmarts.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Tue, 6 Feb 2001, Pete Fritchman wrote:

> ++ 06/02/01 09:16 -0800 - Kris Kennaway:
> >On Tue, Feb 06, 2001 at 05:27:18PM +0100, Lisa Goulet wrote:
> >> Hi,
> >>
> >> Is it possible to have "PermitRootLogin" enabled but somehow limit it to
> >> only some hosts?
> >
> >Use a key, not a password-based login, and put a host restriction on
> >the key as described in sshd(8).
>
> Would you have to then set PasswordAuthentication to no?

Nope, you can use:
PermitRootLogin without-password

-gordon



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message