* Frank Steiner <fsteiner-mail@bio.ifi.lmu.de> [2004-06-04 08:53]:
[...] E.g., I would like to restrict the usage of authorized_keys files to certain "trusted" domains and disallow it from other domains. Does anyone know a way to do this?
$ man sshd /AUTHORIZED_KEYS FILE FORMAT But beware: when ther's a way for the corresponding user to modify his ~/.ssh/authorized_keys, he could remove the corresponding entries. So, the best bet would be setting something like AuthorizedKeysFile /etc/ssh/authorized_keys.%u in /etc/ssh/sshd_config. The corresponding user's authorized_keys would then be stored as /etc/ssh/authorized_keys.$USERNAME and due to the permissions of /etc/ssh they wouldn't be writable to the user. -- Wolfram Schlich; Friedhofstr. 8, D-88069 Tettnang; +49-(0)178-SCHLICH