Not that I am aware of, but instead of allowing root to login directly
with key exchange, why don't you setup a normal user and grant this user
sudo rights? It is always better to perform all administrative tasks
through sudo, so that the administrative actions can be logged, and so
that the root permissions are only granted in short increments of
time... Only while the specific admin task is performed.
I do know that the commecrial SSH product does have user control that
might allow the type of granularity in login controls that you are
looking for.
A side note: if you use a regular user account, you can setup the user
account as a locked account, then no password authentication would allow
the user to login, yet the key exchange would work due to the way in
which openssh works in authenticating users....
Regards,
___________________________
Armand Welsh
AVP, Information Security
State Street IMS
-----Original Message-----
From: ssh@erdelynet.com [mailto:ssh@erdelynet.com] On Behalf Of am.lists
Sent: Thursday, February 22, 2007 8:28 AM
To: ssh@erdelynet.com
Subject: SSHD Config Question
I've been looking through my sshd config file and what I want to do is
like so:
root: login directly with key exchange
all other valid users: login with password or key exchange.
Is this possible?
Thanks,
Angelo
-- List Info: http://erdelynet.com/ssh-l/ List Archives: http://erdelynet.com/archive/ssh-l/ To Unsubscribe: Mail mailto:ssh+unsubscribe@erdelynet.com -- List Info: http://erdelynet.com/ssh-l/ List Archives: http://erdelynet.com/archive/ssh-l/ To Unsubscribe: Mail mailto:ssh+unsubscribe@erdelynet.comReceived on Thu, 22 Feb 2007 08:40:11 -0800
This archive was generated by hypermail 2.1.8 : Thu Feb 22 2007 - 22:54:20 EST