About Linux FAQ

Browse More FAQs:

Restrict certain users log onto a system via SSH server

Posted by Vivek Gite [Last updated: January 25, 2007]

Q. How do I limit what users can log onto a my Linux server system via OpenSSH / SSHD server?

A. OpenSSH server allows to specify usernames for login. According to man page syntax is as follows::
AllowUsers user1 user2

AllowUsers keyword can be followed by a list of user name patterns, separated by spaces. If specified, login is allowed only for user names that match one of the patterns. * and ? can be used as wildcards in the patterns. Only user names are valid; a numerical user ID is not recognized. By default, login is allowed for all users. If the pattern takes the form USER@HOST then USER and HOST are separately checked, restricting logins to particular users from particular hosts.

Step # 1: Open sshd_config file

# vi /etc/ssh/sshd_config

Step # 2: Add a user

Only allow user vivek to login by adding following line:
AllowUsers vivek

Step # 3: Restart sshd

Save and close the file. In the above example, user vivek has already been created on the system. Now just restart sshd:
# /etc/init.d/sshd restart

You can also use -
Linux PAM configuration that allows or deny login via the sshd server

Subscribe to our free e-mail newsletter or RSS feed to get all updates. You can Email this page to a friend.

Related Other Helpful FAQs:

Leave a Reply

We encourage your comments, and suggestions. But please stay on topic, be polite, and avoid spam. Thank you very much for stopping by our site!

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word

Copyright © 2006-2008 nixCraft. All rights reserved - TOS/Disclaimer - Privacy policy - Sitemap - Powered by Open source software.