On Oct 7, 2004, at 2:34 PM, Mark Ogden wrote: > Vlad GALU on Thu, Oct 07, 2004 at 09:22:16PM +0300 wrote: >> On Thu, 7 Oct 2004 12:06:30 -0600, Mark Ogden <[email protected]> >> wrote: >>> Volker Kindermann on Thu, Oct 07, 2004 at 07:54:17PM +0200 wrote: >>>> Hi Jim, >>>> >>>> >>> But what if you have 1000 users? From my understanding you would have >>> to add all users to the AllowUsers list. >> Why can't you just make a script to do that? >> Or simply add all of them to one of the groups specified in >> "AllowGroups". > > Yes I do understand how that would work. Yet me better explain what we > would like to do: We have over 9000 users and about 100 different > groups. We would like to allow root ssh login to our machines but only > from one or two machines. We like to have root login to be able to run > remote commands to all our machines. So is there a way to limit roots > login from one or two machines? Why not just let them use 'sudo' or better yet, just give them access to become root after they login to their initial shell? -Mark > > -Mark > > _______________________________________________ > [email protected] mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to > "[email protected]" _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"