[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Deny auth based on client


Alan Sparks wrote,
> Add an attribute "host" to the user entry, where the value is the
> fully-qualified name of the host he's allowed to log into.  Add as
> many of these "host" attributes as you need, each the name of a
> machine he's allowed on.
> The standard behavior is to allow access to all hosts if the "host"
> attributes are missing, and allow only to the specified hosts is one
> or more host attributes exist.

This is a very neat feature and works very well too, just tried it on
my myself :)

Instead of hostnames, can I use domain names to restrict auth (or even
wild cards)? The following don't work:

host: .mydomain.com
host: mydomain.com
host: *.mydomain.com

-- Shanu

 ------------------------------------------( Shanu )-----
 Shanker Balan            http://people.exocore.com/shanu
 God is silent. Now if we can only get Man to shut up.