Russell Coker <[EMAIL PROTECTED]> wrote: > Ideally we would be able to specify a list of acceptable IP addresses > for each account, both in a central file and in per-user config > files. It would be really great if someone would write code to do > this!
It is already possible to specify such a list in a system-wide configuration file (sshd_config): | AllowUsers | [...] | If the pattern takes the form [EMAIL PROTECTED] then USER and | HOST are separately checked, restricting logins to | particular users from particular hosts. sshd_config(5) And when using keypair authentication, ordinary users can restrict the hosts their keys may be used from as well: | AUTHORIZED_KEYS FILE FORMAT | [...] | from="pattern-list" | Specifies that in addition to RSA authentication, the | canonical name of the remote host must be present in the | comma-separated list of patterns sshd(8) Paul -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]