[SOLVED] how to define ssh users

golden_boy615 · 12-18-2010, 04:01 AM

hello
How can I define some users as ssh user( ssh to linux remotely ) and the others not ( do not ssh)?

Thanks

druuna · 12-18-2010, 04:22 AM

Hi,

The sshd_config file has an AllowUsers and AllowGroups directive, which makes it possible to set which users/groups are allowed to use ssh.

Have a look here for the details: man sshd_config

Hope this helps.

wpeckham · 12-18-2010, 05:17 AM

Can you provide more detail about what you really want to achieve?
Do you mean that some user accounts on the machine should only be able to be used at the console, no remote access?
Do you mean some users should not get a shell (as sftp/scp only) to transfer files but NOT to run programs?
Perhaps something else?

golden_boy615 · 12-19-2010, 08:34 AM

I meant ,some user accounts on the machine should only be able to be used at the console, no remote access.

wpeckham · 12-20-2010, 08:57 AM

Then the post from Druuna gives you the critical piece. If ONLY the users you want to allow are properly listed as allowed, NO ONE ELSE will be able to access the server over ssh from any remote location.

Read the docs, set up some two users (one listed, one not) and run a few tests. It should not take long for you to gain confidence in using these settings to control access.