On Tue, Nov 27, 2001 at 10:23:57AM +0100, op wrote:
> This isn't debian specific but ...
>
> I specify the users in /ets/ssh/sshd_config who are allowed to connect via
> ssh. But I'd like some more control. I'd like to control which subnets user x
> can connect from. Some should be allowed to connect from anywhere but some
> should only be able to conect from the local network.
Use pam_access.
in /etc/security/access.conf
-:localnetuser1 localnetuser2:ALL EXCEPT LOCAL .localdomain
in /etc/pam.d/ssh after "account requiered pam_unix.so"
account requiered pam_access.so
hope that helps
