From 77ec2e80ad7085fb5f35a4624ac16bb65d580ca8 Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@fripost.org>
Date: Wed, 16 Apr 2014 19:39:36 +0200
Subject: Restrict SSH login to members of the 'ssh-login' group.

Don't use the group 'ssh', as it's automatically created by
openssh-client's postinstall hook, and is used for ssh-agent's setgid.
---
 src/fripost-postinst-udeb/sshd_config | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/fripost-postinst-udeb/sshd_config')

diff --git a/src/fripost-postinst-udeb/sshd_config b/src/fripost-postinst-udeb/sshd_config
index e81b272..4281ad1 100644
--- a/src/fripost-postinst-udeb/sshd_config
+++ b/src/fripost-postinst-udeb/sshd_config
@@ -16,7 +16,7 @@ LogLevel INFO
 # Authentication:
 LoginGraceTime 120
 PermitRootLogin no
-AllowGroups ssh
+AllowGroups ssh-login
 StrictModes yes
 
 PubkeyAuthentication yes
-- 
cgit v1.2.3