Subject: Re: Alternative logging destination for sshd - msg#00044

Previous Message by Date: click to view message preview

Re: AllowUsers issue

On Thu, Jan 19, 2006 at 09:41:17AM +0200, Vladimir Levijev wrote: > You forgot to mention the DenyUsers part: > > DenyUsers '*' > AllowUsers myuser I think you'll find that'll stop any users matching the DenyUsers pattern (ie all of them). You only need AllowUsers; if set then users not matching it (or AllowGroups) will be denied. -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.

Next Message by Date: click to view message preview

Re: best home router for openssh

hbeaumont hbeaumont said: > I'm looking for the best home router to use with openssh. > [...] > However I have found that different brands seem to do a better job of > keeping ssh connections open. > I cannot remember the brand but at least one router I bought in the > past would not keep a connection > for more than 5 minutes. It was a known issue acknowleged by the > company who made it. They had > optimized it for connection-less http etc. > > Currently I run a linksys and it works ok but drops connections > randomly and never can hold one > for more than 8 hours or so. If you haven't, I would try upgrading the firmware on the Linksys. Last year, I had the displeasure of using a USRobotics router at my in-laws that wouldn't hold an ssh session for more than a few minutes. This year, they had finally released a software update that fixed the issue. The USR actually worked well after the upgrade. (I wouldn't necessarily recommend buying it though. Software updates are rare and I'm not convinced that they really care much about that product line.) -dpm

Previous Message by Thread: click to view message preview

Re: Alternative logging destination for sshd

On Thu, Jan 19, 2006 at 02:43:04PM +0100, Tob_Sch@xxxxxx wrote: > we are using OpenSSH 4.2p1. > Is it possible (with the help of documented or undocumented sshd_config > parameters, or by changing some header file entries in the source) to force > sshd to log to a named pipe instead to syslog? You would need to modify the code or provide replacements for openlog/syslog/closelog. Most syslogds will write to a named pipe if you configure them to do so, though. Would that serve your purpose? -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.

Next Message by Thread: click to view message preview

AllowUsers issue

Hi everybody, I have an FC3 system using OpenSSH and would like to allow only one user to login. This way, I have changed the file /etc/ssh/sshd_config at 3 different points: 1) Added: "Protocol 2" 2) Toggle: "AllowPAM no" 3) Added: "AllowUsers myuser" Then, I executed: "/usr/sbin/sshd" Even after that, I could login with a different user than "myuser". What did I do wrong? I am using OpenSSH 3.9p1-7 Thank you, Roberto Gallo