SSH Communications Security
Previous Next Up [Contents] [Index]

    About This Document>>
    Introduction to SSH Secure Shell >>
    Configuring SSH Secure Shell >>
        Basic Configuration>>
        Subconfigurations >>
            Host-Specific Subconfiguration
            User-Specific Subconfiguration
        Configuring SSH Secure Shell for TCP Wrappers Support>>
        Configuring SSH2 for SSH1 Compatibility
        Forwarding>>
    Authentication >>
    Log Messages >>
    Using SSH Secure Shell >>
    Tool Syntax>>
    Technical Specifications >>

User-Specific Subconfiguration

User-specific subconfiguration files are read when the client has stated the user name it is trying to log in with. At this point, the server will obtain additional information about the user: does the user exist, what is the user's UID, and what groups does the user belong to. With this information, the server can read the user-specific configuration files specified by UserSpecifiConfig in the main sshd2 configuration file. The syntax is the following:

UserSpecificConfig pattern subconfig-file

You can use patterns of the form:

user[%group][@host]

where user is matched with the user name and UID, group is matched with the user's primary and secondary groups, both group name and GID, and host is matched as described under AllowHosts (see the sshd2_subconfig man page).

For example, the following would match any user in group "sftp" connecting from company.com:

.*%sftp@company\.com

See the sshd2_subconfig man pages for more information.

Previous Next Up [Contents] [Index]

[ Contact Information | Support | Feedback | SSH Home Page | SSH Products ]

Copyright © 2003 SSH Communications Security Corp.
All rights reserved.
Copyright Notice