Hi!Hi.
I want to make ssh-access possible only from a restricted number of hosts - those that are named in /etc/hosts.allow. Users who want to login have a DynDNS host-name that shall be listed in hosts.allow to make it possible for users with a dial-up internet connection, too.
BUT: The problem is that I can only login to the ssh-machine when I enter the IP-address to the hosts.allow file. Specifying the hosts DNS-name does not work!
AND:
I'd prefer to specify the rules for loggin into the machine
in the sshd_config-file, not in hosts.allow/deny.
But the AllowHosts/DenyHosts-options that could be used in /etc/sshd_config earlier seem to be not any
longer available at the SSH-version I'm using. It's: openssh-3.4p1-80 on a SuSE 8.1
Has anybody ideas in this 2 problems?
thx in advance, Klaus
I use this line:
auth required /lib/security/pam_listfile.so item=user sense=deny file=/etc/ssh.deny.login onerr=succeed
in /etc/pam.d/ssh
I then restrict users from logging in which i define in ssh.deny.login
Maybe you can tweak a bit and have a script getting updated ip-adresses for your hosts? I dont know if pam can make use of it, just a suggestion.
Kenneth
-- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
