You could also do what Keith suggested (using different ports) with the added hack of using IPTables to do port redirection from port 22 to the appropriate port, based on the source address.
On 1/16/06, EMF <[EMAIL PROTECTED]> wrote: > Not directly, from what I've seen. > > However, if the box in question is your bastion host, you could conceivably > configure two different instances of sshd, one listening on each NIC. Then > you could configure the external one to only respond to public key auth and > the internal to local password. > > -- > Only a fool states that he has never made a mistake. > > -----Original Message----- > From: Tim Cross [mailto:[EMAIL PROTECTED] > Sent: Monday, January 16, 2006 3:08 PM > To: [email protected] > Subject: security question > > Is it possible to configure OpenSSH (on Fedora Core 4) to allow local ssh > logins on the local subnet with password authentication while at the same > time restricting external logins to public-key authentication on a single > account? > > _________________________________________________________________ > Don't just search. Find. Check out the new MSN Search! > http://search.msn.click-url.com/go/onm00200636ave/direct/01/ > > -- And, did Guloka think the Ulus were too ugly to save? -Centauri
