The following sample files provide an example of how subconfiguration files might be used to apply connection settings to particular hosts and users. In the sample server configuration file, a host subconfiguration file is specified using the HostSpecificConfig keyword. In this example, settings in the host subconfiguration file apply to all users connecting from the acme.com domain. The host subconfiguration file uses the UserSpecificConfig keyword to specify a user subconfiguration file, whose settings apply only to connections from the user named joe, connecting from the acme.com domain.
Server Configuration File
Sample content for /etc/ssh2/sshd2_config.
Port=2222 RequireReverseMapping=yes ResolveClientHostname=yes #Specify a host-specific file for the users from acme.com HostSpecificConfig=.*acme\.com /root/hostsubconfig #Limit forwarding to user joe and constrain his forwarding rights ForwardACL=allow remote joe .* peak.acme.com
Host Subconfiguration File
Sample content for /root/hostsubconfig.
AllowedAuthentications=publickey,password Ciphers=aes128-cbc #Allow sftp access only SessionRestricted=subsystem #Specify a user-specific file for user joe UserSpecificConfig=joe /root/joesubconfig
User Subconfiguration File
Sample content for /root/joesubconfig.
RequiredAuthentications=publickey #Allow both shell and sftp access SessionRestricted=shell,subsystem