[svlug] SSH PAM and access control

David Rosenstrauch darose at darose.net
Mon May 17 12:24:00 PDT 2010

Previous message: [svlug] SSH PAM and access control
Next message: [svlug] SSH PAM and access control
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 05/16/2010 08:25 PM, James Sparenberg wrote:
> All,
>
>      OK situation is.  We have a system that from the LAN on port 22 we
> want to have "normal" ssh access.  (username and password)   However
> from outside the LAN we want to limit it to a smaller subset of users,
> and have these users access by ssh-key pair only.
>
>
>      What I have done is setup a second ssh daemon running on say port
> 2222, that operates via key pair only.  What I'm having trouble with is
> figuring out how to configure PAM or other access control that allows
> for each of these ssh daemons to operate independently.  Unfortunately
> they both seem to come back to the same PAM parameters and it doesn't
> allow for access control by port only by system.
>
>     Has anyone out there ever set something up that meets these needs, or
> am I just going to have to put the sshkey version on a VM and run from
> there?
>
> James

Any particular reason you wouldn't want to set up a vpn for this?

DR

Previous message: [svlug] SSH PAM and access control
Next message: [svlug] SSH PAM and access control
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the svlug mailing list