search for: requiredauthentication

...ered laptops. So a sysadmin can restrict access to allow only client hosts which can pass the HostbasedAuthentication tests, whatever the current IP name/address, but still insist on the user authenticating themselves (by password say). Is this possible? I see there's a SSH2 configuration of RequiredAuthentications which might allow the sysadmin to specify two authentications required, but it's not in openssh is it, and maybe it doesn't do what I want anyway? Thanks in advance, Lawrence. -- Tel: 0121 414 4621 Fax: 0121 414 6709 Email: L.S.Lowe at bham.ac.uk

...although it's still limiting (eg you can't easily nest directives). "Match" would be first-match, same as ssh_config. (I think this is simpler for both implementation and configuration, but needs more careful planning of the directives). This would be especially useful with the RequiredAuthentications patch in bugzilla, eg: # allow anyone to authenticate normally from the local net Match Address 192.168.0.0/24 RequiredAuthentications default # allow admins from the dmz with pubkey and password Match Group admins Address 1.2.3.0/24 RequiredAuthentications publickey,password # deny untrusted...

Hi, I hope this is the right place for a feature request. I'd like to have more flexible AllowUsers/DenyUsers synax. I am in a situation, where I have machines connected to three networks (a private, high speed, a public, and a private vpn) and I'd like to enable root logins only on the private networks. Currently I see no way of doing this, because there is no way to specify a

https://bugzilla.mindrot.org/show_bug.cgi?id=1587 Summary: [man] sshd_config(5) provide examples of keyword 'Match' Product: Portable OpenSSH Version: 5.2p1 Platform: Other OS/Version: Other Status: NEW Severity: enhancement Priority: P2 Component: Documentation

Hi, I am an open-source developer and was a PhD candidate in Artificial Intelligence in USC Electrical Engineering Department and left the program this year. My open-source is a MUD game that I distribute under BSD license at http://anatoliamud.sourceforge.net. As you all know that "RequiredAuthentications" configuration in Commercial SSH equivalent has not been implemented for OpenSSH yet, and there's even a note in auth2.c saying: "/* XXX todo: check if multiple auth methods are needed */". I am currently writing/building my own open-ssh server into my MUD game and I have gott...

http://bugzilla.mindrot.org/show_bug.cgi?id=983 Summary: Required authentication Product: Portable OpenSSH Version: -current Platform: All OS/Version: OpenBSD Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-bugs at mindrot.org ReportedBy: djm at mindrot.org

http://bugzilla.mindrot.org/show_bug.cgi?id=582 djm at mindrot.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |WONTFIX ------- Comment #2 from djm at mindrot.org 2005-11-06 03:46 -------

https://bugzilla.mindrot.org/show_bug.cgi?id=983 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |pgsery at swcp.com --- Comment #18 from Damien Miller <djm at mindrot.org> 2008-06-13 13:56:12 --- *** Bug

Hello all, Some time ago there seemed to be progress on the RequiredAuthentication patch that would allow sshd to require that multiple authentication methods be successful in order to grant access to a system. [1] That patch was used as a poster-child for the Match keyword that was subsequently added. Unfortunately, it looks like development on this feature has stalled. Are th...

...dated version of original patch. Fix missing braces around block in monitor.c:449-451 which causes that condition on monitor.c:457 is never true. Fix possible dereferenced NULL value in auth2.c:449 Fix dereference before null check in servconf.c:1233 and 1246 which causes segfault if argument of RequiredAuthentications[12] is empty. -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching someone on the CC list of the bug. You are watching the reporter of the bug.