SSH Tectia  
Previous Next Up [Contents] [Index]

    About This Document >>
    Installing SSH Tectia Server for IBM z/OS >>
    Getting Started with SSH Tectia Server for IBM z/OS >>
    Configuring the Server >>
        Server Configuration Files >>
        Subconfigurations >>
            Host-Specific Subconfiguration
            User-Specific Subconfiguration
        Ciphers and MACs >>
        Configuring Root Logins
        Restricting User Logins
        Subsystems
        Auditing >>
        Securing the Server >>
        Default sshd2_config Configuration File
        Default ssh_certd_config Configuration File
    Configuring the Client >>
    Authentication >>
    File Transfer Using SFTP >>
    File Transfer Using Transparent FTP Tunneling >>
    Tunneling on the Command Line >>
    Troubleshooting SSH Tectia Server for IBM z/OS >>
    Advanced Information >>
    Man Pages >>
    Log Messages >>

Host-Specific Subconfiguration

The host-specific configuration files are configured with the HostSpecificConfig variable. These files are read immediately after a new process is launched to handle the connection. Thus most configuration options can be set in these. The syntax is the following:

HostSpecificConfig pattern subconfig-file

pattern will be used to match the client host as specified under AllowHosts on the sshd2_subconfig man page (Appendix sshd2_subconfig). The file subconfig-file will then be read, and configuration data amended accordingly.

The file is read before any actual protocol transactions begin, and you can specify most of the options allowed in the main configuration file. You can specify more than one subconfiguration file, in which case the patterns are matched and the files read in the specified order. Values of configuration options defined later will either override or amend the previous value depending on the option. The effect of redefining an option is described in the documentation for that option. For example, setting Ciphers in the subconfiguration file will override the old value, but setting AllowUsers will amend the value.

Example 1: The following matches (from) any host:

HostSpecificConfig   .*   /etc/ssh2/subconfig/host_ext.conf

Example 2: The following matches a subnet mask:

HostSpecificConfig   \m192.168.0.0/16   /etc/ssh2/subconfig/host_int.conf

For more information, please see the sshd2_subconfig and sshd2_config man page (Appendix sshd2_subconfig).

Previous Next Up [Contents] [Index]


[ Contact Information | Support | Feedback | SSH Home Page | SSH Products ]

Copyright © 2007 SSH Communications Security Corp.
This software is protected by international copyright laws. All rights reserved.
Copyright Notice