my name is tauseef and i am working as a system support engineer for an IT-based company. I have recently configured a secure ftp server using openssh 5.2 on a CentOS 5.2 , the problem which i am facing is that i have created 2 groups, "admin" group and a "sftpgroup", only 1 user has been added to the admin group and there are 30 users in the sftpgroup, only user in the admin group can only run ssh command(i.e he can login using ssh) and the members of sftpgroup can only run internal-sftp command, i have used "ForceCommand" keyword for that purpose, now the thing is I want to restrict the ssh login of admin user(i.e a user who is member of admin group) from a specific IP address and that user cannot login to ssh from any IPadress other than that, i have used the keyword AllowUser in the sshd_config file for this purpose but the thing is, AllowUser line only allows that user to login to the system which is added to its list and it blocks all the other users, it will be very difficult that every time i have to add a new user in sshd_config file when he wants to access the server by sftp command(i.e every time i have to tmaper the sshd_config file which is not a good practice), i also tried Match conditional block for this purpose in the format "Match User , Address " but this is also not working for me, as soon as it matches the User criteria, it executes the rest of the block, but i want it to match both the criteria(i.e User and his IP address) and then it execute the block, kindly help me in this regard it is really important for me,
Thanks and Regards