Help - Search - Members - Calendar
Full Version: Limit Ssh
Linuxhelp > Support > Technical Support
Anyone know how I could go about restricting what accounts people can use to log in via SSH?

(I don't want people to be able to log in as root, but I DO want people to be to "su" when alread logged in)
First off, add all users that you want to be able to 'su' to root to the wheel group.

As for restricting users to the ssh, you should create a group, say "ssh" and add the users to it that you want to have permission to login remotely via ssh. Then, edit your sshd_config file and look for the "AllowGroups" line, and add "ssh" to it. You can also deny certain users with the DenyUsers and DenyGroups. But, to be more organized, it's easier to just allow groups instead of certain users, and then add and remove users to that group when needed.

As well, you may want to include 'root' in the denyusers part, so no one can attempt to brute force your root password through ssh.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2018 Invision Power Services, Inc.