diff options
author | Daniil Baturin <daniil@baturin.org> | 2018-05-16 03:00:16 +0200 |
---|---|---|
committer | Daniil Baturin <daniil@baturin.org> | 2018-05-16 03:00:16 +0200 |
commit | 2a477e6bfc80cf7994ad0873b80ca36cab06a456 (patch) | |
tree | 8e596a342032954d598bb46995ed0e25afafc7b2 /interface-definitions/ssh.xml | |
parent | 1c45baa4465111c8268568c80a2433ee7407fccb (diff) | |
parent | a5e81355d1b81d66fafa99fda7f8efde526250bd (diff) | |
download | vyos-1x-2a477e6bfc80cf7994ad0873b80ca36cab06a456.tar.gz vyos-1x-2a477e6bfc80cf7994ad0873b80ca36cab06a456.zip |
Merge branch 'current' of github.com:vyos/vyos-1x into current
Diffstat (limited to 'interface-definitions/ssh.xml')
-rw-r--r-- | interface-definitions/ssh.xml | 69 |
1 files changed, 39 insertions, 30 deletions
diff --git a/interface-definitions/ssh.xml b/interface-definitions/ssh.xml index ba5b887bc..dfae1d8ed 100644 --- a/interface-definitions/ssh.xml +++ b/interface-definitions/ssh.xml @@ -13,43 +13,50 @@ <children> <node name="access-control"> <properties> - <help>SSH user/group access controls. Directives are processed in this: deny-users, allow-users, deny-groups and allow-groups</help> + <help>SSH user/group access controls. Directives are processed in this: deny-users, allow-users, deny-groups and allow-groups</help> </properties> <children> - <leafNode name="allow-groups"> - <properties> - <help>Configure sshd_config access control for allowed groups</help> - </properties> - </leafNode> - <leafNode name="allow-users"> - <properties> - <help>Configure sshd_config access control for allowed users</help> - </properties> - </leafNode> - <leafNode name="deny-groups"> - <properties> - <help>Configure sshd_config access control for disallowed groups</help> - </properties> - </leafNode> - <leafNode name="deny-users"> - <properties> - <help>Configure sshd_config access control for disallowed users</help> - </properties> - </leafNode> + <node name="allow"> + <children> + <leafNode name="group"> + <properties> + <help>Login is allowed for users whose primary or supplementary group matches</help> + <multi/> + </properties> + </leafNode> + <leafNode name="user"> + <properties> + <help>Login is allowed only for user names that match</help> + <multi/> + </properties> + </leafNode> + </children> + </node> + <node name="deny"> + <children> + <leafNode name="group"> + <properties> + <help>Login is disallowed for users whose primary or supplementary group matches</help> + <multi/> + </properties> + </leafNode> + <leafNode name="user"> + <properties> + <help>Login is disallowed for user names that match</help> + <multi/> + </properties> + </leafNode> + </children> + </node> </children> </node> - <leafNode name="allow-root"> - <properties> - <help>Enable root login over ssh</help> - <valueless/> - </properties> - </leafNode> <leafNode name="ciphers"> <properties> - <help>Allowed ciphers</help> + <help>Specifies allowed Ciphers</help> <completionHelp> <script>ssh -Q cipher | tr '\n' ' '</script> </completionHelp> + <multi/> </properties> </leafNode> <leafNode name="disable-host-validation"> @@ -66,10 +73,11 @@ </leafNode> <leafNode name="key-exchange"> <properties> - <help>Key exchange algorithms</help> + <help>Specifies available KEX (Key Exchange) algorithms</help> <completionHelp> <script>ssh -Q kex | tr '\n' ' '</script> </completionHelp> + <multi/> </properties> </leafNode> <leafNode name="listen-address"> @@ -117,10 +125,11 @@ </leafNode> <leafNode name="mac"> <properties> - <help>Allowed message authentication algorithms</help> + <help>Specifies available MAC (message authentication code) algorithms</help> <completionHelp> <script>ssh -Q mac | tr '\n' ' '</script> </completionHelp> + <multi/> </properties> </leafNode> <leafNode name="port"> |