[nsp] permit vty ssh, no telnet for some users ?

matthew zeier mrz at intelenet.net
Mon Apr 26 13:21:27 EDT 2004


Was looking for something that would allow one user to telnet and require
everyone else to ssh from the same src address.

Apparently this isn't possible.

----- Original Message ----- 
From: "michael earls" <michael at michaelearls.com>
To: "Voll, Scott" <Scott.Voll at wesd.org>; "matthew zeier"
<mrz at intelenet.net>; <cisco-nsp at puck.nether.net>
Sent: Monday, April 26, 2004 10:21 AM
Subject: RE: [nsp] permit vty ssh, no telnet for some users ?


> This is my basic vty config:
>
> !
> access-list 101 permit tcp any eq 22 any
> access-list 101 permit tcp any any eq 22
> access-list 101 permit tcp host 192.168.1.10 any
> !
> line vty 0 4
> access-group 101 in
> !
>
> This allows all to ssh traffic to the vty and only allows telnet/ssh from
> 192.168.1.10.
>
> michael
>
> On Mon, 26 Apr 2004 06:59:12 -0700, Voll, Scott wrote
> > ACL on the vty interface.
> >
> > -----Original Message-----
> > From: matthew zeier [mailto:mrz at intelenet.net]
> > Sent: Saturday, April 24, 2004 6:14 PM
> > To: cisco-nsp at puck.nether.net
> > Subject: [nsp] permit vty ssh, no telnet for some users ?
> >
> > Any clue on how to permit just one user to telnet to the router while
> > making
> > everyone else use ssh?  Aside from declaring it a policy.
> >
> > --
> > matthew zeier, Sr. Network Engineer  | "Nothing in life is to be feared.
> > InteleNet Communications, Inc.       |  It is only to be understood."
> > (949) 784-7904                       |       - Marie Curie
> >
> > _______________________________________________
> > cisco-nsp mailing list  cisco-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
> >
> > _______________________________________________
> > cisco-nsp mailing list  cisco-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>
> Michael Earls
>
> http://www.vermeer.org
>
> PGP Info: KeyID 0x6B823F57
> Fingerprint C593 449E 1EA3 A984 E6B2 60AF 7FCC B27B 6B82 3F57
>
> Send Secure Email:
> https://secure.vermeer.org
>



More information about the cisco-nsp mailing list