SSH Tectia  
Previous Next Up [Contents] [Index]

    About This Document >>
    Installing SSH Tectia Server >>
    Getting Started >>
    Configuration >>
    Authentication >>
        Server Authentication with Public Keys >>
        Server Authentication with Certificates >>
        User Authentication with Passwords
        User Authentication with Public Keys >>
            Client Configuration
            Server Configuration
            Optional Configuration Settings
        User Authentication with Certificates >>
        Host-Based User Authentication >>
        User Authentication with Keyboard-Interactive >>
        User Authentication with GSSAPI >>
    Application Tunneling >>
    Troubleshooting >>
    Man Pages
    Advanced Options >>
    Log Messages >>

Optional Configuration Settings

The following configuration steps are optional:

  • It is possible to use different settings depending on which key is used in public-key authentication. Your authorization file could, for example, contain the following:
    Key master.pub
    Key maid.pub
    Options allow-from=".*\.example\.org"
    Key butler.pub
    Options deny-from=".*\.evilcrackers\.example",deny-from="phoney.example",no-pty
    
    When someone now logs in using the master key, the connection is not limited in any way by the authorization file. However, if the maid key is used, only connections from certain hosts will be allowed. And if the butler key is used, connections are denied from certain hosts, and additionally the allocation of tty is prevented. More information on the options (and command) keywords is available in the ssh2 man pages.
  • The per-user configuration directory can be changed by setting the UserConfigDirectory keyword in the sshd2_config file and on the client settings.

Per-user configuration information and encryption keys are by default stored in the .ssh2 subdirectory of each user's home directory.

Previous Next Up [Contents] [Index]


[ Contact Information | Support | Feedback | SSH Home Page | SSH Products ]

Copyright © 2010 SSH Communications Security Corp.
This software is protected by international copyright laws. All rights reserved.
Copyright Notice