From owner-freebsd-stable Tue Feb 6 9:21:54 2001 Delivered-To: freebsd-stable@freebsd.org Received: from hex.databits.net (hex.databits.net [207.29.192.16]) by hub.freebsd.org (Postfix) with SMTP id 1399E37B67D for ; Tue, 6 Feb 2001 09:21:37 -0800 (PST) Received: (qmail 27879 invoked by uid 1001); 6 Feb 2001 17:21:36 -0000 Date: Tue, 6 Feb 2001 12:21:36 -0500 From: Pete Fritchman To: Kris Kennaway Cc: "'freebsd-stable@freebsd.org'" Subject: Re: ssh question Message-ID: <20010206122136.A27668@databits.net> References: <77A588078DF6D3118C0A00508B8E036703875829@AMSHQB-EXCH02> <20010206091628.A12259@mollari.cthul.hu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010206091628.A12259@mollari.cthul.hu>; from kris@obsecurity.org on Tue, Feb 06, 2001 at 09:16:28AM -0800 Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG ++ 06/02/01 09:16 -0800 - Kris Kennaway: >On Tue, Feb 06, 2001 at 05:27:18PM +0100, Lisa Goulet wrote: >> Hi, >> >> Is it possible to have "PermitRootLogin" enabled but somehow limit it to >> only some hosts? > >Use a key, not a password-based login, and put a host restriction on >the key as described in sshd(8). Would you have to then set PasswordAuthentication to no? -pete > >Kris -- Pete Fritchman Databits Network Services, Inc. finger petef@databits.net for PGP key To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message