Re: Negated patterns in AllowedUsers



On Thu, Sep 06, 2007 at 01:52:17AM +0200, Radek Hladik wrote:
Hi,
all I wanted was to force SSHd to accept root logins only from
localhost.

If nobody else comes up with an answer, then try this one:

Run two (or more) instances of sshd. Bind one of them to the loopback
interface, and let it allow root users. Bind the other(s) to the "real"
network interface(s), and let them deny root users.



Relevant Pages

  • Re: Negated patterns in AllowedUsers
    ... With PAM in /etc/pam.d/sshd you can especify the root only to login ... all I wanted was to force SSHd to accept root logins only from ... and let them deny root users. ...
    (SSH)
  • Re: Root cant delete files
    ... I'd say it's time to upgrade to a later version of BIND. ... I would personally recommend that you back up critical ... especially as 'root', it's very hard and very tedious to repair it. ... Make a great connection at Yahoo! ...
    (Focus-Linux)
  • Re: Adctive Directory and Unix DNS
    ... > the Active Directory root domain, ... You can host the AD domain on the BIND servers but without DDNS it can ... have members of the Root domain trying to find the DFS share using the LDAP ... > populate BIND DNS with the AD info if Dynamic DNS is not enabled? ...
    (microsoft.public.windows.server.dns)
  • DJB and root ns server dnssec signing
    ... cant afford it to go wrong. ... As you are probably aware the root zones are going to be signed soon. ... as these boxes are caches they will be querying the root ns a lot. ... I would upgrade the ns to bind, but historically there were issues with bind ...
    (freebsd-questions)
  • Re: root hints
    ... It is "built in" to BIND. ... IF any of the built-in root name servers is correct [very likely ... on the public Internet, unlikely on any other internet], it will get the ... do a file transfer to download any file to keep its boot-time root hints ...
    (comp.protocols.dns.bind)