[Fed-Talk] limiting ssh in large directory environments
[Fed-Talk] limiting ssh in large directory environments
- Subject: [Fed-Talk] limiting ssh in large directory environments
- From: Ron Colvin <email@hidden>
- Date: Wed, 06 Jul 2005 15:41:51 -0400
We are looking seriously at putting our Macs into AD as a matter of
course. One of the drawbacks is how many people use ssh both inbound and
outbound on their computers. A personal workstation that everyone in the
Directory can ssh into is less than desirable. I have been able to
prevent this by adding the AllowGroups line to allow only local admins
to ssh in, your group structure or needs may be very different from
mine. The minor problem I have is I have yet to see any response from
the ssh server when an account that is not in one of the allowed groups
attempts to log in. Is there some way to return some not too useful
error message rather than requiring a control c at the client?
--
***************************************************************
Ron Colvin
DCSE 100, 110, 170
Alternate CSO & IT Consultant Codes 550, 560, 500, 101
NASA - Goddard Space Flight Center
<email@hidden>
Direct phone 301-286-2451
AIM rcolvin13 NASA Jabber email@hidden
****************************************************************
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden