D&C GLug - Home Page

[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

[LUG] OpenSSH Authentication

 

Hi all,

Until recently my Internet-accessible server was running OpenSSH using 
password-based authentication so that I could easily access it remotely.

I've known for some time that this wasn't a terribly good idea and have 
finally switched to using public-key authentication. However, I'd like to set 
it up so that clients coming from the Internet must use public-key, while 
clients on my LAN can use password-based authentication.

I've been unable to find out how to achieve this; does anyone know if this is 
even possible? Or must I run two instances of OpenSSH with an 
Internet-accessible instance allowing only public key authentication and 
another non-Internet-accessible one allowing password-based authentication?

Thanks in advance,
David.

-- 
David Johnson
www.david-web.co.uk

-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html