Re: SSH pubkey or password based on user group
- From: Anastassios Nanos <ananos@xxxxxxxxxxx>
- Date: Sat, 27 Oct 2007 20:16:42 +0300
Nikos Nikoleris wrote:
Hi,
What I was trying to do is not to allow users that are in root group to
login using ssh in our server without having their public key while
every other user can choose whether they will login using their password
or their public key.
I was searching through pam modules without success if there was a way
of doing this through pam but I couldn't find any module that will have
my job done. Does anyone have any clue if there is a way of doing this
hello.
I'm posting in case there is someone else who wants to do that.
finally, we did it ... ;-)
/etc/pam.d/ssh:
auth required pam_listfile.so item=group sense=deny
file=/etc/ssh/sshd.deny onerr=succeed
/etc/ssh/sshd.deny:
pubkeyssh
so any member of pubkeyssh group is allowed to login only with a pubkey.
I 'm sure there is an easier way to do it but it's more about pam than ssh.
cheers,
--
Anastassios Nanos
<ananos@xxxxxxxxxxx>
1024D/CCCE759D 2007/04/29 Anastassios Nanos <ananos@xxxxxxxxxxx>
Key fingerprint = 60EC 7B9E CD11 9AB2 C3CE B694 08D6 F033 CCCE 759D
.
- Follow-Ups:
- Re: SSH pubkey or password based on user group
- From: Richard E. Silverman
- Re: SSH pubkey or password based on user group
- References:
- SSH pubkey or password based on user group
- From: Nikos Nikoleris
- SSH pubkey or password based on user group
- Prev by Date: Re: SSH pubkey or password based on user group
- Next by Date: Re: SSH pubkey or password based on user group
- Previous by thread: Re: SSH pubkey or password based on user group
- Next by thread: Re: SSH pubkey or password based on user group
- Index(es):
Relevant Pages
|
