root login from one IP; user from any? - SSH

This is a discussion on root login from one IP; user from any? - SSH ; Is it possible to set up sh so that root can log in from a single IP address, while allowing non-root users from any address? I need to figure out how to allow root access to a particular system without ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: root login from one IP; user from any?

  1. root login from one IP; user from any?

    Is it possible to set up sh so that root can log in from a single IP
    address, while allowing non-root users from any address?

    I need to figure out how to allow root access to a particular system
    without compromising security too much.

    --Yan

  2. Re: root login from one IP; user from any?

    >>>>> "CptDondo" == CptDondo writes:

    CptDondo> Is it possible to set up sh so that root can log in from a
    CptDondo> single IP address, while allowing non-root users from any
    CptDondo> address?

    CptDondo> I need to figure out how to allow root access to a
    CptDondo> particular system without compromising security too much.

    CptDondo> --Yan

    Check out the sshd_config Match feature in the latest version.

    --
    Richard Silverman
    res@qoxp.net


  3. Re: root login from one IP; user from any?

    Richard E. Silverman schreef:
    >>>>>> "CptDondo" == CptDondo writes:

    >
    > CptDondo> Is it possible to set up sh so that root can log in from a
    > CptDondo> single IP address, while allowing non-root users from any
    > CptDondo> address?
    >
    > CptDondo> I need to figure out how to allow root access to a
    > CptDondo> particular system without compromising security too much.
    >
    > CptDondo> --Yan
    >
    > Check out the sshd_config Match feature in the latest version.
    >


    Alternatively (or additionally), consider using passphrased
    public/private key login for root.

  4. Re: root login from one IP; user from any?

    Steven Mocking schrieb:
    > Richard E. Silverman schreef:
    >>>>>>> "CptDondo" == CptDondo writes:

    >>
    >> CptDondo> Is it possible to set up sh so that root can log in from a
    >> CptDondo> single IP address, while allowing non-root users from any
    >> CptDondo> address?
    >>
    >> CptDondo> I need to figure out how to allow root access to a
    >> CptDondo> particular system without compromising security too much.
    >>
    >> CptDondo> --Yan
    >>
    >> Check out the sshd_config Match feature in the latest version.
    >>

    >
    > Alternatively (or additionally), consider using passphrased
    > public/private key login for root.


    .... and add a from=ipaddress to the key for root ...

+ Reply to Thread