AW: AW: Pam configuration files
Debian-User
office at thinktank.at
Fri Apr 9 08:12:28 UTC 2004
Gary,
thanks a lot for this information! This seems to be exactly what I was
looking for. I think that I'll have to do some testing over the weekend
now ...
(btw, right now I think that it can also be done with only one
IP-address [by specifying different ports in the sshd_config-files - and
configuring the firewall to only allow internal or external traffic to
the according port]; but it wont't hurt if I really should need to use
two IP-addresses anyway)
Thanks again!
Sascha
P.S. BTW: Did I overlook that in any manual/documentation ??? (" ...
don't read documentation voluntarily" ;-)
> -----Ursprüngliche Nachricht-----
> Von: pam-list-bounces at redhat.com
> [mailto:pam-list-bounces at redhat.com] Im Auftrag von Gary Algier
> Gesendet: Donnerstag, 08. April 2004 22:43
> An: Pluggable Authentication Modules
> Betreff: Re: AW: Pam configuration files
>
>
> Debian-User wrote:
> > Hi guys,
> >
> > concerning the "Pam configuration files" issue, I would
> like to ask if
> > there is a way to tell ssh (via different config-files) to
> use different
> > authentication methods (ie to use a special pam_service-name)
>
> Sascha:
>
> The pam service used by sshd is derived from argv[0] as passed to the
> sshd startup command.
>
> You should be able to do this:
>
> cd /usr/sbin
> ln sshd gatewaysshd
> cd /etc/sshd
> cp sshd_config gatewaysshd_config
> Then edit the first to only listen to an address only accessible from
> the inside and edit the second to listen to an address accessible from
> the outside (you need two IP addresses, by the way). The second
> should be more restrictive.
>
> Then make a copy of the rc script and doctor it to
> invoke the new sshd as:
> /usr/sbin/gatewaysshd -f /etc/ssh/gatewaysshd_config
> [...]
>
> --
> Gary Algier, WB2FWZ gaa at ulticom.com
> +1 856 787 2758
> Ulticom Inc., 1020 Briggs Rd, Mt. Laurel, NJ 08054
> Fax:+1 856 866 2033
>
> Nielsen's First Law of Computer Manuals:
> People don't read documentation voluntarily.
>
>
> _______________________________________________
> Pam-list mailing list
> Pam-list at redhat.com
> https://www.redhat.com/mailman/listinfo/pam-list
>
More information about the Pam-list
mailing list