On Thu, May 08, 2008 at 11:42:23PM -0500, Andy Tsouladze wrote:
> Essentially, regular users should be able to login from any
> network, while root should be able to login only from a private
> network

> AllowUsers root@192.168.88.* !root@*
> Result: BAD. root can login only from but other
> users cannot login at all.

What if you change the order and/or space to a comma?

AllowUsers !root@*,root@192.168.88.*

You could also try using Match.

openssh-unix-dev mailing list