Bugtraq mailing list archives
Re: sshd and pop/ftponly users incorrect configuration
From: cdi () THEWEBMASTERS NET (CDI)
Date: Mon, 14 Feb 2000 14:26:51 -0800
On Fri, 11 Feb 2000, Marc SCHAEFER wrote:
NAME sshd-restricted-users-incorrect-configuration
[snip]
IMMUNE CONFIGURATIONS You are immune to this problem if one (or more) of the following is true: - the group(s) where those users belong to is listed in /etc/ssh/sshd_config or equivalent configuration file as DenyGroups group1 group2 # etc (this is the recommended setup)
Just a quick note - it's much more accurate (not to mention secure) to use 'AllowGroups' rather than DenyGroups. If AllowGroups is set, then only if a users primary group matches one of the specified group names are they permitted to complete a connection attempt. ____________________________________ The Web Master's Net http://www.thewebmasters.net/ Today's Excuse: Someone is standing on the ethernet cable, causeing a kink in the cable
Current thread:
- sshd and pop/ftponly users incorrect configuration Marc SCHAEFER (Feb 11)
- Re: sshd and pop/ftponly users incorrect configuration CDI (Feb 14)
- Re: sshd and pop/ftponly users incorrect configuration Theo de Raadt (Feb 15)
- <Possible follow-ups>
- Re: sshd and pop/ftponly users incorrect configuration Marc SCHAEFER (Feb 15)