FW: restricted users

From: Hong Tian (htian@ias.edu)
Date: 02/27/03

  • Next message: Hong Tian: "RE: restricted users"
    From: Hong Tian <htian@ias.edu>
    To: "'secureshell@securityfocus.com'" <secureshell@securityfocus.com>
    Date: Wed, 26 Feb 2003 19:51:23 -0500


    On my RedHat 7.3, there is no manual entry for sshd_config. But I try
    AllowUsers and DenyUsers. It works good.

    The question now is that I have to deny more than 200 users and allow 10
    users. I can't put so many users names on deny lists in sshd_config. I try
    to deny everyone then allow someone. But I don't know how to deny all. I try
    the followings, no one can deny all:

    DenyUsers all => not works
    DenyUsers ALL => not works
    DenyUsers everyone => not works

    DenyUsers user1 => works!
    AllowUsers user2 user3 user4 => works!

    Do you know how to use DenyUsers to deny everyone?


    -----Original Message-----
    From: James Riden [mailto:james.riden@xtra.co.nz]
    Sent: Wednesday, February 26, 2003 7:25 PM
    To: 'Hong Tian'; secureshell@securityfocus.com
    Subject: RE: restricted users

    >From: Hong Tian [mailto:htian@ias.edu]
    >Sent: Thursday, 27 February 2003 5:41 a.m.
    >To: 'secureshell@securityfocus.com'
    >Cc: 'htian@ias.edu'
    >Subject: restricted users
    >I am using ssh on a RedHat Linux server which has many user accounts.
    Now I
    >want to only allow some admin users to ssh to this Linux server. Do you
    >know how to modify the sshd_config file to do it?

    There are the keywords AllowUsers, DenyUsers or maybe AllowGroups,
    DenyGroups would be easier - would they be any help? ( man sshd_config
    gives details on my system )


    James Riden / james.riden@xtra.co.nz / jamesr@security-solutions.co.nz