help with negative patterns in Match

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Hey.

Perhaps someone can help me with the following (OpenSSH 6.7):

I have a host reachable via miscellaneous interfaces (and network
addresses) running SSH.

Some specific users should be only reachable from the inside, so e.g.
though something like this would do the job in sshd_config:

#general config
#...

Match User foo LocalAddress 10.0.0.1,fe80:abba::0
        PasswordAuthentication          no
        KbdInteractiveAuthentication    no
        RhostsRSAAuthentication         no
        HostbasedAuthentication         no
        KerberosAuthentication          no
        GSSAPIAuthentication            no
        RSAAuthentication               no
        PubkeyAuthentication            yes

Match User foo LocalAddress !10.0.0.1,!fe80:abba::0
        PasswordAuthentication          no
        KbdInteractiveAuthentication    no
        RhostsRSAAuthentication         no
        HostbasedAuthentication         no
        KerberosAuthentication          no
        GSSAPIAuthentication            no
        RSAAuthentication               no
        PubkeyAuthentication            no


But apparently it never goes into the negative matching block :-(

Also, it seems that hostnames can generally not be used with
LocalAddress,.. is this expected? Cause that would be kinda nice.


Thanks,
Chris.

Attachment: smime.p7s
Description: S/MIME cryptographic signature

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux