diff options
| author | jmc@openbsd.org <jmc@openbsd.org> | 2016-04-27 13:53:48 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2016-04-28 19:55:28 +1000 |
| commit | ee1e0a16ff2ba41a4d203c7670b54644b6c57fa6 (patch) | |
| tree | f6ec124816df955bcc39c7ec331a5b10f7ceb8c1 | |
| parent | b6e0140a5aa883c27b98415bd8aa9f65fc04ee22 (diff) | |
upstream commit
cidr permitted for {allow,deny}users; from lars nooden ok djm
Upstream-ID: 13e7327fe85f6c63f3f7f069e0fdc8c351515d11
| -rw-r--r-- | sshd_config.5 | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/sshd_config.5 b/sshd_config.5 index 433b8f2c1..63807c030 100644 --- a/sshd_config.5 +++ b/sshd_config.5 | |||
| @@ -33,8 +33,8 @@ | |||
| 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
| 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 35 | .\" | 35 | .\" |
| 36 | .\" $OpenBSD: sshd_config.5,v 1.221 2016/03/17 17:19:43 djm Exp $ | 36 | .\" $OpenBSD: sshd_config.5,v 1.222 2016/04/27 13:53:48 jmc Exp $ |
| 37 | .Dd $Mdocdate: March 17 2016 $ | 37 | .Dd $Mdocdate: April 27 2016 $ |
| 38 | .Dt SSHD_CONFIG 5 | 38 | .Dt SSHD_CONFIG 5 |
| 39 | .Os | 39 | .Os |
| 40 | .Sh NAME | 40 | .Sh NAME |
| @@ -173,6 +173,8 @@ By default, login is allowed for all users. | |||
| 173 | If the pattern takes the form USER@HOST then USER and HOST | 173 | If the pattern takes the form USER@HOST then USER and HOST |
| 174 | are separately checked, restricting logins to particular | 174 | are separately checked, restricting logins to particular |
| 175 | users from particular hosts. | 175 | users from particular hosts. |
| 176 | HOST criteria may additionally contain addresses to match in CIDR | ||
| 177 | address/masklen format. | ||
| 176 | The allow/deny directives are processed in the following order: | 178 | The allow/deny directives are processed in the following order: |
| 177 | .Cm DenyUsers , | 179 | .Cm DenyUsers , |
| 178 | .Cm AllowUsers , | 180 | .Cm AllowUsers , |
| @@ -560,6 +562,8 @@ By default, login is allowed for all users. | |||
| 560 | If the pattern takes the form USER@HOST then USER and HOST | 562 | If the pattern takes the form USER@HOST then USER and HOST |
| 561 | are separately checked, restricting logins to particular | 563 | are separately checked, restricting logins to particular |
| 562 | users from particular hosts. | 564 | users from particular hosts. |
| 565 | HOST criteria may additionally contain addresses to match in CIDR | ||
| 566 | address/masklen format. | ||
| 563 | The allow/deny directives are processed in the following order: | 567 | The allow/deny directives are processed in the following order: |
| 564 | .Cm DenyUsers , | 568 | .Cm DenyUsers , |
| 565 | .Cm AllowUsers , | 569 | .Cm AllowUsers , |