Re: sftp Newbie Questions!
maf_at_appgate.com
Date: 06/26/03
- Previous message: Ifan Jones: "RE: Passwordless SSH Logins"
- Maybe in reply to: Andrew McCall: "sftp Newbie Questions!"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 26 Jun 2003 11:32:14 +0200 (CEST) To: mouring@etoh.eviladmin.org
On 25 Jun, Ben Lindstrom wrote:
> On 25 Jun 2003, Andrew McCall wrote:
>> 4) Can I bind sftp-server to a single IP address, but still leave
>> "normal" SSH running on all other IP addresses? If its not is there
>> anyway of installing and run a second instance of OpenSSH that only
>> allows sftp connections (I don't think there is due to the way that sftp
>> works.)
>
> No. sftp is a 'subsystem'. So restricting it that way is not possible
> since sshd has no clue it is a subsystem, shell, X11 forward, etc until
> after the user has pass authentication.
But you can run two different instances of sshd. Where one listens to
0.0.0.0 and does not allow sftp. While another, which uses another
configuration-file listens to the specific Ip address and which allows
sftp.
/MaF
-- Martin Forssen <maf@appgate.com> Development Manager Phone: +46 31 7744361 AppGate Network Security AB
- Previous message: Ifan Jones: "RE: Passwordless SSH Logins"
- Maybe in reply to: Andrew McCall: "sftp Newbie Questions!"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
