I have been trying to understand how the SSH server settings are controlled on Leopard. To turn sshd on you tick the remote login box on the sharing preference pane. You can then control which users are allowed to log in by selecting them in the “allow access for” section.
But where does it store the settings? Traditionally you would have added a clause like
AllowUsers jad
to /etc/ssh/sshd_config. However OS X does not do this, instead it adds a file called
/private/var/db/dslocal/nodes/Default/groups/com.apple.access_ssh.plist
containing what appears to be a list of users in the remote login group. I have no idea what uses this file. Is it a modified version of sshd or is something cleverer at work?
And, what was wrong with the old way?