Why not login to Qiita and try out its useful features?

We'll deliver articles that match you.

You can read useful information later.

0
0

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?

More than 3 years have passed since last update.

【小ネタ】sshdで特定のグループのみパスワード認証にする

Posted at

経緯

公開鍵認証方式でサーバに接続する以外に、「特定のアカウントのみパスワード認証したい」というリクエストがあったので設定内容のメモ。。(今までそういう設定したことなかったわ)

ちなみにsshd_configのMatchディレクティブを使えば実現可能だが、アカウントが大量にあると個別指定が面倒いのでグループ単位で指定したほうが運用面で楽になります。

設定内容

グループ単位でパスワード認証を許可するなら、sshd_configの終盤に以下のように記載

Match Group グループ名
 PasswordAuthentication yes

Matchディレクティブで条件を記載すればOK。
ちなみにMatchディレクティブで指定できる条件は・・・

  • User
  • Group
  • Host
  • Address

接続元のAddress指定もできるので端末が特定されている際は便利そう。

sshd_coinfig(5)

0
0
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up

Qiita Conference 2025 will be held!: 4/23(wed) - 4/25(Fri)

Qiita Conference is the largest tech conference in Qiita!

Keynote Speaker

ymrl、Masanobu Naruse, Takeshi Kano, Junichi Ito, uhyo, Hiroshi Tokumaru, MinoDriven, Minorun, Hiroyuki Sakuraba, tenntenn, drken, konifar

View event details
0
0

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?