Class-imposed login restrictions (on FreeBSD)

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



I have been working on reconciling the local modifications to the copy
of OpenSSH in the FreeBSD base system, and a number of smaller changes
have been committed upstream.

One open issue is support for login class-based restrictions,
originally introduced in 2002[1]. It can restrict login by time period
and by remote host. A version of this change was submitted to the
OpenSSH github repository[2], but a reviewer suggested it was
unnecessarily complicated (it used the monitor process to obtain the
class info). This was simplified in a second submission[3].

I can send the patch to this list in the near future, but wanted to
highlight it in case anyone is interested in taking a look.

[1] https://cgit.FreeBSD.org/src/commit/?id=5b400a39b8add453bd7e777b9306ef91f8f1403c
[2] https://github.com/openssh/openssh-portable/pull/261
[3] https://github.com/openssh/openssh-portable/pull/262
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux