On Thu, Nov 09, 2006 at 12:22:33AM -0500, doug@safeport.com wrote:
> I want to allow a single host root access via ssh. If the order of
> processing DenyUsers, AllowUsers were reversed this cold be done in
> a straight forward manner.
> My question, is would adding an Apache-like derective Order
> Deny,Allow violate any standards or be a security problem?

Couldn't you use the Match keyword (new in 4.4 IIRC) to do this in an
even more straight forward manner?

openssh-unix-dev mailing list