Subconfiguration File Samples

The following sample files provide an example of how subconfiguration files might be used to apply connection settings to particular hosts and users. In the sample server configuration file, a host subconfiguration file is specified using the HostSpecificConfig keyword. In this example, settings in the host subconfiguration file apply to all users connecting from the acme.com domain. The host subconfiguration file uses the UserSpecificConfig keyword to specify a user subconfiguration file, whose settings apply only to connections from the user named joe, connecting from the acme.com domain.

Server Configuration File

Sample content for /etc/ssh2/sshd2_config.

Port=2222

RequireReverseMapping=yes

ResolveClientHostname=yes

#Specify a host-specific file for the users from acme.com

HostSpecificConfig=.*acme\.com /root/hostsubconfig

#Limit forwarding to user joe and constrain his forwarding rights

ForwardACL=allow remote joe .* peak.acme.com

Host Subconfiguration File

Sample content for /root/hostsubconfig.

AllowedAuthentications=publickey,password

Ciphers=aes128-cbc

#Allow sftp access only

SessionRestricted=subsystem

#Specify a user-specific file for user joe

UserSpecificConfig=joe /root/joesubconfig

User Subconfiguration File

Sample content for /root/joesubconfig.

RequiredAuthentications=publickey

#Allow both shell and sftp access

SessionRestricted=shell,subsystem