Ingemar Nilsson wrote:
> Damien Miller wrote:
>> You can do this with the "Match" keyword in sshd_config now. You need
>> root access to configure it though.
>> Match user djm
>> PasswordAuthentication no
>> KbdInteractiveAuthentication no
>> GSSAPIAuthentication no
>> KerberosAuthentication no
>> HostbasedAuthentication no
>> PubkeyAuthentication yes

> Sure, but that still involves the system administrator. I would like
> users to be able to set restrictive login policies for themselves
> without involving the system administrator.
> Regards
> Ingemar

Setup isolate environment for every user with root access and left them
to do administration.
Note how to setup this environment is out of secure shell scope.

Get X.509 certificates support in OpenSSH:
openssh-unix-dev mailing list