Date: Tue, 06 Feb 2001 21:46:54 -0800 From: Kris Kennaway <kris@obsecurity.org> To: Pete Fritchman <petef@databits.net> Cc: "'freebsd-stable@freebsd.org'" <freebsd-stable@freebsd.org> Subject: Re: ssh question Message-ID: <20010206214654.A19439@mollari.cthul.hu> In-Reply-To: <20010206122136.A27668@databits.net>; from petef@databits.net on Tue, Feb 06, 2001 at 12:21:36PM -0500 References: <77A588078DF6D3118C0A00508B8E036703875829@AMSHQB-EXCH02> <20010206091628.A12259@mollari.cthul.hu> <20010206122136.A27668@databits.net>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] On Tue, Feb 06, 2001 at 12:21:36PM -0500, Pete Fritchman wrote: > ++ 06/02/01 09:16 -0800 - Kris Kennaway: > >On Tue, Feb 06, 2001 at 05:27:18PM +0100, Lisa Goulet wrote: > >> Hi, > >> > >> Is it possible to have "PermitRootLogin" enabled but somehow limit it to > >> only some hosts? > > > >Use a key, not a password-based login, and put a host restriction on > >the key as described in sshd(8). > > Would you have to then set PasswordAuthentication to no? You wouldn't have to, but it would be an option. You could give root a locked password, for example. Kris [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE6gOFOWry0BWjoQKURAjr9AKCQeWh0Yqx87IY9EsuqL/b/IFfncgCcCb6P UQAlEJcF8N3PWIQslp6ArHQ= =WmwC -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010206214654.A19439>