How to restrict the ssh operation for one user

fidelis · 09-10-2004, 02:58 AM

Dear All,

I want to allow the ssh operation to only one user. currently i have restricted to the user 'root', the same i want to restrict for all the user except one authorised user. Kindly reply me back if there is anyway to achieve this?.

Thanks in advance.

Fidelis

Cerbere · 09-10-2004, 04:46 AM

Welcome to LQ.org, fidelis!

I do hope that you mean you have restricted sshd so that 'root' cannot log in. It is more secure to only allow non-privileged users to ssh, then su to root, if necessary.

At any rate, you can limit logins to specific user(s) by adding the AllowUsers keyword to your sshd_config file. If you had mentioned which distro you're using, I could probably tell you where to find this file (possibly /etc/ssh/sshd_config); although since you've already restricted logins, you should know where to find it.

The following is from the sshd_config man page:

Code:

     AllowUsers
             This keyword can be followed by a list of user name patterns,
             separated by spaces.  If specified, login is allowed only for
             user names that match one of the patterns.  `*' and `?' can be
             used as wildcards in the patterns.  Only user names are valid; a
             numerical user ID is not recognized.  By default, login is
             allowed for all users.  If the pattern takes the form USER@HOST
             then USER and HOST are separately checked, restricting logins to
             particular users from particular hosts.

Enjoy!
--- Cerbere

fidelis · 09-13-2004, 02:37 AM

Dear Cerbere,

Thanks alot for your help. It works fine.

Thanks,
Fidelis