[svlug] SSH PAM and access control

James Sparenberg james at linuxrebel.org
Sun May 16 17:25:23 PDT 2010


All,

    OK, the situation is this.  We have a system that from the LAN on port 22 we 
want to have "normal" ssh access (username and password).  However, 
from outside the LAN we want to limit it to a smaller subset of users, 
and have these users access by ssh-key pair only.


    What I have done is set up a second ssh daemon running on, say, port 
2222, that operates via key pair only.  What I'm having trouble with is 
figuring out how to configure PAM or other access control that allows 
for each of these ssh daemons to operate independently.  Unfortunately 
they both seem to come back to the same PAM parameters, and it doesn't 
allow for access control by port, only by system.

   Has anyone out there ever set something up that meets these needs, or 
am I just going to have to put the ssh-key version on a VM and run from 
there?

James
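
The two-daemon layout described in the message, written out as an added example that is not part of the original post. The second config file name, the PID file path and the user names alice and bob are assumptions for illustration. The per-port user restriction is done with sshd's own AllowUsers directive, which each daemon reads from its own config file regardless of the shared PAM stack.

```conf
# ---------------------------------------------------------------
# File 1: /etc/ssh/sshd_config
# LAN-facing daemon on port 22: "normal" username/password access.
# ---------------------------------------------------------------
Port 22
PasswordAuthentication yes
PubkeyAuthentication yes
UsePAM yes

# ---------------------------------------------------------------
# File 2: /etc/ssh/sshd_config_external   (hypothetical file name)
# Outside-facing daemon on port 2222: key pair only, small user set.
# Started separately with:  sshd -f /etc/ssh/sshd_config_external
# ---------------------------------------------------------------
Port 2222

# Separate PID file so the two daemons do not overwrite each other's.
# (hypothetical path)
PidFile /var/run/sshd_external.pid

# Key pair only. Both password paths have to be closed: with UsePAM
# enabled, challenge-response (keyboard-interactive) would otherwise
# still prompt for a password through PAM.
PubkeyAuthentication yes
PasswordAuthentication no
ChallengeResponseAuthentication no

# The smaller subset of users allowed in from outside.
# This check is enforced by sshd itself, per config file, so it applies
# to this daemon only and not to the one on port 22.
# (alice and bob are placeholder account names)
AllowUsers alice bob

# PAM account and session modules still run for key-based logins;
# only the PAM password prompt is out of the picture here.
UsePAM yes
```

Running `sshd -t -f /etc/ssh/sshd_config_external` checks the second file for syntax errors before the daemon is started.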