[nsp] permit vty ssh, no telnet for some users ?

Hudson Delbert J Contr 61 CS/SCBN Delbert.Hudson at LOSANGELES.AF.MIL
Mon Apr 26 17:27:32 EDT 2004


agreed. just commenting on current acl's.

/* piranha */


-----Original Message-----
From: Sam Munzani [mailto:sam at munzani.com]
Sent: Monday, April 26, 2004 12:55 PM
To: Gert Doering; Hudson Delbert J Contr 61 CS/SCBN
Cc: cisco-nsp at puck.nether.net
Subject: Re: [nsp] permit vty ssh, no telnet for some users ?


Million dollar question is why would you want exception for one user? SSH is
better. Force everybody to use SSH :-)

Sam


> Hi,
>
> On Mon, Apr 26, 2004 at 12:09:11PM -0700, Hudson Delbert J Contr 61
CS/SCBN wrote:
> > the solution exists on the clients not on infra-structure boxes which
> > by rights ought not to have perofm this type operation.
>
> There is *no way* to "perform this type of operation".
>
> You cannot limit the connection type to specific users if you only know
> the user name *after* establishing the connection.
>
> gert
> -- 
> USENET is *not* the non-clickable part of WWW!
>
//www.muc.de/~gert/
> Gert Doering - Munich, Germany
gert at greenie.muc.de
> fax: +49-89-35655025
gert at net.informatik.tu-muenchen.de
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/


More information about the cisco-nsp mailing list