Sunday, October 4, 2009

Limiting user accounts that can connect remotely via SSH...

1) Installing SSH
    $ sudo apt-get install openssh-server
2) Back up the current SSH server configuration file
    $ sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.backup
3) Edit the configuration file
    $ sudo gedit /etc/ssh/sshd_config
4) Change the parameter to disallow the root user from connecting
    PermitRootLogin no
5) Add the parameter and specify the usernames (space separated) that can connect remotely.
    AllowUsers <user1> <user2> ...
6) To deny specific users
    DenyUsers <user1> <user2> ...
7) If you enable the OpenSSH server and you do not wish to enable any remote connections, you may add
    AllowUsers nosuchuserhere
8) Restart the service
    $ sudo /etc/init.d/ssh restart
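
Steps 3 to 8 can also be scripted. The following is an added example, not part of the original post: the helper names set_sshd_option and get_sshd_option and the usernames alice and bob are assumptions, and the helper writes each keyword ahead of any "Match" block so that it applies globally rather than only inside that block.

```shell
#!/bin/sh
# Added example (not from the original post). alice/bob are constructed names.

# set_sshd_option FILE KEYWORD VALUE...
# Drop earlier global lines for KEYWORD and write one new line in the global
# section, i.e. before the first "Match" block (or at end of file if none).
set_sshd_option() {
    file=$1 key=$2
    shift 2
    tmp=$(mktemp) || return 1
    awk -v key="$key" -v line="$key $*" '
        function emit() { if (!done) { print line; done = 1 } }
        tolower($1) == "match" { emit(); in_match = 1 }
        !in_match && tolower($1) == tolower(key) { next }
        { print }
        END { emit() }
    ' "$file" > "$tmp" && cat "$tmp" > "$file"   # cat keeps owner and mode
    rc=$?
    rm -f "$tmp"
    return $rc
}

# get_sshd_option FILE KEYWORD: print the global value(s) of KEYWORD.
get_sshd_option() {
    awk -v key="$2" '
        tolower($1) == "match" { exit }
        tolower($1) == tolower(key) { $1 = ""; sub(/^ +/, ""); print }
    ' "$1"
}

# Demo on a constructed sample file, not a real system config.
demo=$(mktemp)
printf '%s\n' 'Port 22' 'PermitRootLogin yes' 'Match User backup' \
    '    PermitRootLogin forced-commands-only' > "$demo"
set_sshd_option "$demo" PermitRootLogin no
set_sshd_option "$demo" AllowUsers alice bob
cat "$demo"
rm -f "$demo"

# On a real host (as root), after the backup in step 2:
#   set_sshd_option /etc/ssh/sshd_config PermitRootLogin no
#   set_sshd_option /etc/ssh/sshd_config AllowUsers alice bob
#   sshd -t && /etc/init.d/ssh restart   # -t checks the file before restart
```

Keep an existing SSH session open while restarting, so a mistake in AllowUsers can be reverted from the backup made in step 2.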
