Q. How do I limit what users can log onto a my Linux server system via OpenSSH / SSHD server?
A. OpenSSH server allows to specify usernames for login. According to man page syntax is as follows::
AllowUsers user1 user2
AllowUsers keyword can be followed by a list of user name patterns, separated by spaces. If specified, login is allowed only for user names that match one of the patterns. * and ? can be used as wildcards in the patterns. Only user names are valid; a numerical user ID is not recognized. By default, login is allowed for all users. If the pattern takes the form USER@HOST then USER and HOST are separately checked, restricting logins to particular users from particular hosts.
Step # 1: Open sshd_config file
# vi /etc/ssh/sshd_config
Step # 2: Add a user
Only allow user vivek to login by adding following line:
AllowUsers vivek
Step # 3: Restart sshd
Save and close the file. In the above example, user vivek has already been created on the system. Now just restart sshd:
# /etc/init.d/sshd restart
You can also use -
Linux PAM configuration that allows or deny login via the sshd server
Featured Articles:
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- My 10 UNIX Command Line Mistakes
- Linux: 20 Iptables Examples For New SysAdmins
- 25 PHP Security Best Practices For Sys Admins
- The Novice Guide To Buying A Linux Laptop
- 10 Greatest Open Source Software Of 2009
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- Top 20 OpenSSH Server Best Security Practices
- Top 10 Open Source Web-Based Project Management Software
- Top 5 Linux Video Editor Software
Facebook it - Tweet it - Print it -
