[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Sshd skey authentication forced if outside lan

To: Didier Wiroth <didier.wiroth@mcesr.etat.lu>
Subject: Re: Sshd skey authentication forced if outside lan
From: Stefan Kell <skba.opbsd@gmx.de>
Date: Tue, 1 Feb 2005 20:20:01 +0100 (CET)
Cc: misc@openbsd.org

Hi,

as far as I know this is practically not possible: there is simply no
option for sshd to accomplish this (see man sshd_config). It might be
possible if you are using sshd-option "UseLogin" but this disables
X-Forwarding and has other implications and should not be used.

It might be better to force public-key authentication on the outside
interface of the firewall. This can easily be done with two sshd-processes
with different configurations.

Regards

Stefan Kell

On Tue, 1 Feb 2005, Didier Wiroth wrote:

> Hi,
> I'm in the process of configuring my sshd of my dsl openbsd firewall.
>
> Is it possible to force skey authentication based on the network from where
> I'm trying to connect.
>
> For example:
> UserX is doing ssh from localnet to sshd of the firewall, standard passwd
> method is used
> UserX is doing ssh from internet to sshd of the firewall, SKEY is required
> Is that possible?
>
> Many thx
> didier

References:
- Sshd skey authentication forced if outside lan
  - From: Didier Wiroth <didier.wiroth@mcesr.etat.lu>

Prev by Date: 제1금융권 자격이 안돼어도.대출해드립니다.은행권이자
Next by Date: Re: protection against DDoS with Syn-Flood
Prev by thread: Sshd skey authentication forced if outside lan
Next by thread: Re: Sshd skey authentication forced if outside lan
Index(es):
- Date
- Thread