moin, On [Sun, 14.01.2007 20:17], Stefan Fritsch wrote: SF> On Sunday 14 January 2007 14:36, Adrian von Bidder wrote: SF> > I have users a, b, c, d, e. All users except e can have shell SF> > access, but beecause shell access is powerful, must not be able to SF> > log in with password, but only with public key. User e is allowed SF> > to log in with password and is restricted by rssh to only use scp, SF> > sftp or rsync so that even if that password is stolen/guessed, the SF> > attacker can at most deface the hosted web site in e's directory. SF> > SF> > Judging from the replies I've received so far I'll just end up SF> > running a 2nd sshd on port 2222 or wherever. SF> SF> Openssh 4.4 supports per user configuration. But I don't think it will SF> get into Debian before Etch's release.
wanted to post this too - if you mean the Match directive. but then i saw, that match currently works for POST authentication directives like x-forwarding. from the man-page of sshd_config: Available keywords are AllowTcpForwarding, ForceCommand, GatewayPorts, PermitOpen, X11DisplayOffset, X11Forwarding, and X11UseLocalHost hth, roman -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]