sshd configuration madness ...
Ben Duncan
linux4ms at aim.com
Wed May 9 13:55:46 PDT 2012
Ok, I am stumped. I am trying to set sshd for my STATE job and have issues.
(RHEL 5.0 on x86, Suse 11.1 on LPAR - a Mainframe)
I am trying to allow ONLY certain IP address to use root as a login via
scp/ssh/sftp. FOR various reason I have to allow root access in from a one to
another mode (Only One Host can access another as root).
If I have PermitRootLogin set to no, NO root logins are allowed. Setting to yes
is a security to risk, but is the only way for the next test rules to work:
# Allow ONLY IP .50 in as root ..
AllowUsers root at 10.10.10.50
# Keep all other from the same subnet out ...
DenyUsers root at 10.10.10.*
OK, this DOES NOT Work either, as ALL root users form 10.10.10 are not allowed in.
Commenting out DenyUsers ALLOW the rule to work, but then ALL root users
from the same subnet can ssh as root ..
Any Suggestion?
Thanks ..
--
Ben Duncan - Business Network Solutions, Inc. 336 Elton Road Jackson MS, 39212
"Never attribute to malice, that which can be adequately explained by stupidity"
- Hanlon's Razor
More information about the Linux-users
mailing list