login about faq

How does one allow certain groups to log into Tectia 6.2 running on Solaris 10 using /etc/ssh2/ssh2-server-config-xml?

asked Dec 19 '13 at 20:34

sotodeny's gravatar image


I have a similar question. Lets say I have group called ScriptGroup and group called NormalGroup. I want ScriptGroup to be able to log in using Public Key auth. I want NormalGroup to be able to log in using Password auth.

Is this possible?

(Apr 10 '14 at 02:04) Matt Matt's gravatar image

Is it possible to have an authentication rule based on IP Address? This would accomplish my goal as well. I know that the ScriptGroup would always have the same IP. So ScriptGroup's IP would have different authentication rules from NormalGroup's IP... Is that possible?

edit: I don't want to turn on host based auth.

(Apr 15 '14 at 01:43) Matt Matt's gravatar image

This post has helped answer my questions and it shows how to do this using user names.

For those wanting to see a working example based on IP addresses here is my config:

<authentication-methods login-grace-time="600">
<authentication name="ScriptUser" action="allow" password-cache="no">
        <ip address="" />
        <auth-publickey />

    <authentication name="NormalUsers" action="allow" password-cache="no">
        <auth-publickey />
        <authentication name="domain-auth" action="allow" >
                <submethod-pam />

If your Ip address is you only get public key auth. Everyone else would get public key with pam auth.


answered Apr 15 '14 at 02:47

Matt's gravatar image


edited Apr 15 '14 at 03:03

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported



Asked: Dec 19 '13 at 20:34

Seen: 3,585 times

Last updated: Apr 15 '14 at 03:03

All user contributed content licensed under the cc-by-sa license.
Powered by OSQA.