[EMAIL PROTECTED] wrote:
Hi!
I want to make ssh-access possible only from a restricted
number of hosts - those that are named in /etc/hosts.allow.
Users who want to login have a DynDNS host-name that shall
be listed in hosts.allow to make it possible for users with
a dial-up internet connection, too.
BUT:
The problem is that I can only login to the ssh-machine
when I enter the IP-address to the hosts.allow file.
Specifying the hosts DNS-name does not work!
AND:
I'd prefer to specify the rules for loggin into the machine
in the sshd_config-file, not in hosts.allow/deny.
But the AllowHosts/DenyHosts-options that could be used in
/etc/sshd_config earlier seem to be not any
longer available at the SSH-version I'm using.
It's: openssh-3.4p1-80 on a SuSE 8.1
Has anybody ideas in this 2 problems?
thx in advance,
Klaus
Hi.
I use this line:
auth required /lib/security/pam_listfile.so item=user sense=deny
file=/etc/ssh.deny.login onerr=succeed
in /etc/pam.d/ssh
I then restrict users from logging in which i define in ssh.deny.login
Maybe you can tweak a bit and have a script getting updated ip-adresses
for your hosts? I dont know if pam can make use of it, just a suggestion.
Kenneth