SSH sshd.user.conf format and rules
SSH sshd.user.conf format and rules - Aug. 30, '06, 1:55:24 PM
stueyc
Posts: 1
Joined: Aug. 29, '06,
Status: offline
Hello all,
I am currently evaluating Interop SSH and am finding the behaviour of sshd.user.conf entries difficult to follow. I understand that it is the case that this file contains additional configuration information for builtin or domain user accounts that access ssh. Any help and explanations most appreciated.
Scenario 1 - no entries are in the sshd.user.conf. I removed the defaults... Who exactly then has the right to access the box running ssh? For example, I am a local admin on my notebook which is running ssh and I am able to connect without any configuration information in sshd.user.conf. Is there documentation covering this, as I cannot find adequate explanations from the man page to be confident as to which users have ssh access?
Scenario 2 - I added lines to sshd.user.conf
sconey /h /home/sconey
DOMAINA+user1 /h /home/user1
where sconey is my domain user name (and belongs to the domain returned by pdomain), DOMAINA is a valid trusted domain and user1 is a user with the domain. I created the home directories.....the sconey account worked fine and the shell presented the correct pwd. Unfortunately the DOMAINA+user resulted in a hang (until a timeout was reached) in the ssh client and failed to authenticate. I used credentials at the SSH logon prompt of DOMAINA\user1 and DOMAINA+user1. I added user1 to the local Users group on my notebook and validated that I could logon locally. Even when user1 was present in the Users group it was unable to log on to SSH, I also removed the -h option without success....
Also, if at all possible, can somebody tell me whether the use of groupnames and usernames in sshd.user.conf are both permitted, so for example a group DOMAINA+groupA -h /home/groupA could all users in groupA share a common home directory?
Thank you
Stuart Coney
RE: SSH sshd.user.conf format and rules - Sep. 1, '06, 5:43:41 AM
Rodney
Posts: 3728
Joined: Jul. 9, '02,
From: /Tools lab
Status: offline
Security is kept as per user. Never as per group.
Users can have the same home directory listed in the user database, but
this isn't going to work for setting up keys, etc. for ssh.
As the sshd.user.conf file ships, the users in the Administrators group are allowed
access with others denied. This puts it in a default mode that's fairly secure.
Why are you adding "/h" to the line in sshd.user.conf?
Usernames need to be fully qualified (with the domainname) to reduce the chance of ambiguity.
For the hang: did you reboot after the installation?
Is syslogd running? If it's not, then logins get hung because nothing is recording
the activity.