From owner-freebsd-stable  Tue Feb  6  9:21:54 2001
Delivered-To: freebsd-stable@freebsd.org
Received: from hex.databits.net (hex.databits.net [207.29.192.16])
	by hub.freebsd.org (Postfix) with SMTP id 1399E37B67D
	for <freebsd-stable@freebsd.org>; Tue,  6 Feb 2001 09:21:37 -0800 (PST)
Received: (qmail 27879 invoked by uid 1001); 6 Feb 2001 17:21:36 -0000
Date: Tue, 6 Feb 2001 12:21:36 -0500
From: Pete Fritchman <petef@databits.net>
To: Kris Kennaway <kris@obsecurity.org>
Cc: "'freebsd-stable@freebsd.org'" <freebsd-stable@freebsd.org>
Subject: Re:  ssh question
Message-ID: <20010206122136.A27668@databits.net>
References: <77A588078DF6D3118C0A00508B8E036703875829@AMSHQB-EXCH02> <20010206091628.A12259@mollari.cthul.hu>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <20010206091628.A12259@mollari.cthul.hu>; from kris@obsecurity.org on Tue, Feb 06, 2001 at 09:16:28AM -0800
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

++ 06/02/01 09:16 -0800 - Kris Kennaway:
>On Tue, Feb 06, 2001 at 05:27:18PM +0100, Lisa Goulet wrote:
>> Hi,
>> 
>> Is it possible to have "PermitRootLogin" enabled but somehow limit it to
>> only some hosts?
>
>Use a key, not a password-based login, and put a host restriction on
>the key as described in sshd(8).

Would you have to then set PasswordAuthentication to no?

-pete

>
>Kris


--
Pete Fritchman <petef@databits.net>
Databits Network Services, Inc. <http://databits.net>
finger petef@databits.net for PGP key



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message