On Oct 7, 2004, at 2:34 PM, Mark Ogden wrote: > Vlad GALU on Thu, Oct 07, 2004 at 09:22:16PM +0300 wrote: >> On Thu, 7 Oct 2004 12:06:30 -0600, Mark Ogden <ogden@eng.utah.edu> >> wrote: >>> Volker Kindermann on Thu, Oct 07, 2004 at 07:54:17PM +0200 wrote: >>>> Hi Jim, >>>> >>>> >>> But what if you have 1000 users? From my understanding you would have >>> to add all users to the AllowUsers list. >> Why can't you just make a script to do that? >> Or simply add all of them to one of the groups specified in >> "AllowGroups". > > Yes I do understand how that would work. Yet me better explain what we > would like to do: We have over 9000 users and about 100 different > groups. We would like to allow root ssh login to our machines but only > from one or two machines. We like to have root login to be able to run > remote commands to all our machines. So is there a way to limit roots > login from one or two machines? Why not just let them use 'sudo' or better yet, just give them access to become root after they login to their initial shell? -Mark > > -Mark > > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to > "freebsd-security-unsubscribe@freebsd.org" _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"