RE: restricted users
From: James Riden (email@example.com)
- Previous message: Hong Tian: "RE: restricted users"
- In reply to: Hong Tian: "FW: restricted users"
- Next in thread: Hong Tian: "RE: restricted users"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "James Riden" <firstname.lastname@example.org> To: "'Hong Tian'" <email@example.com>, <firstname.lastname@example.org> Date: Thu, 27 Feb 2003 15:10:09 +1300
Here's an entry from the manpage.
This keyword can be followed by a list of user name patterns,
separated by spaces. If specified, login is allowed only for
users names that match one of the patterns. `*' and `'? can be
used as wildcards in the patterns. Only user names are valid; a
numerical user ID is not recognized. By default, login is
allowed for all users. If the pattern takes the form USER@HOST
then USER and HOST are separately checked, restricting logins to
particular users from particular hosts.
in the config file *should* (seems to on Debian) allow jamesr and
no-one else to log in via ssh.
-- James Riden / email@example.com / firstname.lastname@example.org http://www.security-solutions.co.nz/ -----Original Message----- From: Hong Tian [mailto:email@example.com] Sent: Thursday, 27 February 2003 1:51 p.m. To: 'firstname.lastname@example.org' Subject: FW: restricted users Jamie, On my RedHat 7.3, there is no manual entry for sshd_config. But I try AllowUsers and DenyUsers. It works good. The question now is that I have to deny more than 200 users and allow 10 users. I can't put so many users names on deny lists in sshd_config. I try to deny everyone then allow someone. But I don't know how to deny all. I try the followings, no one can deny all: DenyUsers all => not works DenyUsers ALL => not works DenyUsers everyone => not works DenyUsers user1 => works! AllowUsers user2 user3 user4 => works! Do you know how to use DenyUsers to deny everyone? Thanks, Hong