Allow root access via PAM
I need to disable root access. However, I need root access from a specific IP address.
I disabled root access as follows:
# vim /etc/ssh/sshd_config
# /etc/rc.d/init.d/sshd restart
The above disabled root access for good.
Next, I used PAM to allow access from a specific IP
# vim /etc/security/access.conf
I appended the following lines:
+ : root : 10.0.0.254
+ : root : 127.0.0.1
- : root : ALL
# vim /etc/pam.d/sshd
I appended the following entry
account required pam_access.so
With the above config, I'm still getting "permission denied" when I try to login via ssh from 10.0.0.254
What did I miss?