From owner-freebsd-stable Tue Feb 6 23: 4:50 2001 Delivered-To: freebsd-stable@freebsd.org Received: from mta5.snfc21.pbi.net (mta5.snfc21.pbi.net [206.13.28.241]) by hub.freebsd.org (Postfix) with ESMTP id 0EF8F37B491 for ; Tue, 6 Feb 2001 23:04:27 -0800 (PST) Received: from xor.obsecurity.org ([64.165.226.103]) by mta5.snfc21.pbi.net (Sun Internet Mail Server sims.3.5.2000.01.05.12.18.p9) with ESMTP id <0G8D0020OH9QP3@mta5.snfc21.pbi.net> for freebsd-stable@freebsd.org; Tue, 6 Feb 2001 21:44:19 -0800 (PST) Received: by xor.obsecurity.org (Postfix, from userid 1000) id 6CEB166B62; Tue, 06 Feb 2001 21:46:54 -0800 (PST) Date: Tue, 06 Feb 2001 21:46:54 -0800 From: Kris Kennaway Subject: Re: ssh question In-reply-to: <20010206122136.A27668@databits.net>; from petef@databits.net on Tue, Feb 06, 2001 at 12:21:36PM -0500 To: Pete Fritchman Cc: "'freebsd-stable@freebsd.org'" Message-id: <20010206214654.A19439@mollari.cthul.hu> MIME-version: 1.0 Content-type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="+QahgC5+KEYLbs62" Content-disposition: inline User-Agent: Mutt/1.2.5i References: <77A588078DF6D3118C0A00508B8E036703875829@AMSHQB-EXCH02> <20010206091628.A12259@mollari.cthul.hu> <20010206122136.A27668@databits.net> Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG --+QahgC5+KEYLbs62 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Feb 06, 2001 at 12:21:36PM -0500, Pete Fritchman wrote: > ++ 06/02/01 09:16 -0800 - Kris Kennaway: > >On Tue, Feb 06, 2001 at 05:27:18PM +0100, Lisa Goulet wrote: > >> Hi, > >>=20 > >> Is it possible to have "PermitRootLogin" enabled but somehow limit it = to > >> only some hosts? > > > >Use a key, not a password-based login, and put a host restriction on > >the key as described in sshd(8). >=20 > Would you have to then set PasswordAuthentication to no? You wouldn't have to, but it would be an option. You could give root a locked password, for example. Kris --+QahgC5+KEYLbs62 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE6gOFOWry0BWjoQKURAjr9AKCQeWh0Yqx87IY9EsuqL/b/IFfncgCcCb6P UQAlEJcF8N3PWIQslp6ArHQ= =WmwC -----END PGP SIGNATURE----- --+QahgC5+KEYLbs62-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message