RE: restricted users

From: James Riden (
Date: 02/27/03

  • Next message: Greg Wooledge: "Re: restricted users"
    From: "James Riden" <>
    To: "'Hong Tian'" <>, <>
    Date: Thu, 27 Feb 2003 15:10:09 +1300


    Here's an entry from the manpage.


    This keyword can be followed by a list of user name patterns,
    separated by spaces. If specified, login is allowed only for
    users names that match one of the patterns. `*' and `'? can be
    used as wildcards in the patterns. Only user names are valid; a
    numerical user ID is not recognized. By default, login is
    allowed for all users. If the pattern takes the form USER@HOST
    then USER and HOST are separately checked, restricting logins to
    particular users from particular hosts.


    AllowUsers jamesr

    in the config file *should* (seems to on Debian) allow jamesr and
    no-one else to log in via ssh.


    James Riden / /
    -----Original Message-----
    From: Hong Tian [] 
    Sent: Thursday, 27 February 2003 1:51 p.m.
    To: ''
    Subject: FW: restricted users
    On my RedHat 7.3, there is no manual entry for sshd_config. But I try
    AllowUsers and DenyUsers. It works good. 
    The question now is that I have to deny more than 200 users and allow 10
    users. I can't put so many users names on deny lists in sshd_config. I
    to deny everyone then allow someone. But I don't know how to deny all. I
    the followings, no one can deny all:
    DenyUsers all                  => not works
    DenyUsers ALL                  => not works
    DenyUsers everyone             => not works 
    DenyUsers user1                 => works!
    AllowUsers user2 user3 user4    => works!
    Do you know how to use DenyUsers to deny everyone?