Here is my problems :
- Ldap accounts are allowed to connect on SSH
- Local account are not allowed to connect on SSH
Ldap account is allowed by "/etc/pam/sshd" :
auth required pam_listfile.so item=group sense=allow file=/etc/security/allowed-groups onerr=succeed
I would like to :
- Permit LDAP account to connect on SSH with a publickey or a password
- Permit Local account to connect on SSH with a publickey but deny with password)
They are some options on sshd_config like PubkeyAuthentication and PasswordAuthentication; but these options seem to be for all account.
Is there any way to do this ?
If possible, I don't want to put all my local users in a same "global local group"