Hi,
I'm not sure if what I'm thinking of is doable with current
OpenSSH's,
and if yes, how.
I want to force our users to use S/Key-Authentication, but only if they
do not come from "known hosts". "known hosts" could be
hosts that
are listed via IP address ("network 192.168.0.0/24") or hosts that are
listed in ssh_known_hosts - this doesn't really matter, the important
thing is:
- known hosts -> password authentication is OK
- unknown hosts -> only S/Key authentication is permitted
is that possible?
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert at
greenie.muc.de
fax: +49-89-35655025 gert.doering at
physik.tu-muenchen.de
