I think you can accomplish some of what you want using TCP Wrappers.
http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/ref-guide/s1-tcpwrappers-access.html
I don't know how you could do a-d at once though.
Maciej ?enczykowski wrote:
> Hello,
>
> does anybody know how to achieve the following with SSH...
>
> a) accept RSA authentication for all but root from any IP
> b) accept RSA authentication for root from a couple IPs/Netmasks
> c) accept password authentication for all but root from a dozen Netmasks
> d) accept password authentication for root from 3 local netmasks only
>
> ie. make authentication depend on the USER,METHOD,CLIENT-IP triplet...
>
> Cheers,
> MaZe.
>
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos
>
>
