[wplug-bsd] Root logins and public keys
Brian A. Seklecki
lavalamp at spiritual-machines.org
Sat Dec 3 21:29:05 EST 2005
On Sat, 2005-12-03 at 21:18, Brandon Kuczenski wrote:
> On Sat, 3 Dec 2005, Bill Moran wrote:
>
> >
> > An alternative would be to run 2 sshds. One on the the external interface,
> > and the other only on the loopback. Then you could configure each specific
> > to the way you want it to work. The internal accepting keypairs only, and
> > the external refusing all root logins.
> >
>
> So, I would do that by creating a new rc script in /usr/local/etc/rc.d and
> using that to start a new ssh daemon with a different config file?
>
And possibly new keys:
SSHD(8) BSD System Manager's Manual
SSHD(8)
NAME
sshd - OpenSSH SSH daemon
SYNOPSIS
sshd [-deiqtD46] [-b bits] [-f config_file] [-g login_grace_time]
[-h host_key_file] [-k key_gen_time] [-o option] [-p port] [-u
len]
The IP/Port bind options are described in sshd_config(5)
http://www.openbsd.org/cgi-bin/man.cgi?query=sshd_config&apropos=0&sektion=0&manpath=OpenBSD+Current&arch=i386&format=html
> -Brandon
>
> _______________________________________________
> wplug-bsd mailing list
> wplug-bsd at wplug.org
> http://www.wplug.org/mailman/listinfo/wplug-bsd
More information about the wplug-bsd
mailing list