posted on may 6, 2008 in howto, linux with 1 comment
Its sometimes necessary to limit who has access to a server via SSH. Most Linux security hardening checklist today require this to be enforced.
Fortunately this can be easily done with openSSH. Just edit the /etc/ssh/sshd_config file and add the desired directives shown below. You don’t need them all, just use what suits you needs.
openSSH provides 4 directives, AllowUsers, AllowGroups, DenyUsers and DenyGroups
AllowUsers buddy john doe
Only users buddy, john and doe will be able to log in via ssh.
AllowGroups sysadmin bkpadmin
Only users within groups sysadmin and bkpadmin will be able to log in via ssh.
DenyUsers rambo tina
This is the opposite of AllowUsers. All users except for rambo and tina will be able to log in via ssh.
DenyGroups hr payroll
This is the opposite of AllowGroups. All groups except for hr and payroll will be able to log in via ssh.
分享到:
相关推荐
在Ubuntu系统上安装SSH(Secure Shell)是连接远程服务器、进行安全远程操作的重要步骤。SSH是一种网络协议,用于安全地远程登录到服务器,执行命令、传输文件等操作。本指南将详细阐述如何在Ubuntu上安装并配置SSH...
How to limit request by IP on nginx?
You should ensure that the server's public keys are loaded by the client as described in How to use SFTP (with server validation - known hosts), or you may want to switch off server validation to get ...
The best-selling C++ How to Program is accessible to readers with little or no programming experience, yet comprehensive enough for the professional programmer. The Deitels’ signature live-code ...
Linux HOWTO(中文版) BootPrompt-HOWTO (28KB) 启动提示说明 CDROM-HOWTO (27KB) 如何安装, 设定及使用光驱,同时列出支援的硬体. Chinese-HOWTO (39KB) 如何在 Linux 的系统上使用中文?/TD> Config-...
This book provides the typical network administrator with the basic tools and instruction they need to maintain a secure network while allowing acceptable access to users. · A practical product ...
Polya reveals how the mathematical method of demonstrating a proof or finding an unknown can be of help in attacking any problem that can be "reasoned" out - from building a bridge to winning a game ...
How to Make Sense of Any Mess: Information Architecture for Everybody Abby Covert Everything is getting more complex. It is easy to be overwhelmed by the amount of information we encounter each ...
《C++ How to Program》是C++编程领域的一本经典教材,由保罗·戴特尔(Paul Deitel)和哈维·戴特尔(Harvey Deitel)共同编写,提供了全面且深入的C++学习资源。该教程分为第九版(9E)和第十版(10E),并提供中...
This article introduces how to configure ODBC DSN in Server to access local DB2 for windows in detail. Then I give a sample how to access local DB2 database with ODBC by DB Query Analyzer expediently.
RK3399的DRM-HOWTO测试 最近在学习与调试RK3399的DRM显示架构,网上有很多例程,其中介绍比较多的是来于David Herrmann’s Github的drm-howto.开源代码 但这些源码下载后执行make编译出来的执行文件只能在PC机上测试...
Linux中文HOWTO Linux中文HOWTO Linux中文HOWTO
Exploiting Software - How to Break Code.rar
软件为测试听音软件 可以自定义语音、训练自己的耳朵可以分辨音频的细微差别
This article introduces how to configure ODBC DSN in Client to access remote DB2 for windows in detail. Then I give a sample how to access remote DB2 database with ODBC by DB Query Analyzer ...
How to read a book efficiently. Part one The dimensions of reading Part two The third level of reading Part three Approaches to different kinds of reading Part four The ultimate goals of reading
The best-selling C++ How to Program is accessible to readers with little or no programming experience, yet comprehensive enough for the professional programmer. The Deitels’ signature live-code ...