Re: AllowUsers issue
- From: Vladimir Levijev <vladimir.levijev@xxxxxxxxx>
- Date: Fri, 20 Jan 2006 18:01:19 +0200
On 1/20/06, Vladimir Levijev <vladimir.levijev@xxxxxxxxx> wrote:
> > > You forgot to mention the DenyUsers part:
> > >
> > > DenyUsers '*'
> > > AllowUsers myuser
> > I think you'll find that'll stop any users matching the DenyUsers pattern
> > (ie all of them).
> > You only need AllowUsers; if set then users not matching it (or
> > AllowGroups) will be denied.
> Why don't you try, before you "think". Or at least, read the fine
> manual. Here is a hint:
> man sshd_config | grep Users -A9
Sorry, my bad. It appeared, that parameter takes values without the
quotes. So it acts really strange way if you add '*' (quoted) value.
When I tested what I've proposed (I've tested it with unprivileged
user and root, adding unprivileged user to AllowUsers) I could not
login with root any longer (usually I can) but could with the user. So
it looked like it works. Now I figured if I add * (unquoted) value to
DenyUsers it denies all. And the option AllowUsers works fine (accept
only listed) alone.
- Prev by Date: Re: Alternative logging destination for sshd
- Next by Date: Re: best home router for openssh
- Previous by thread: Re: AllowUsers issue
- Next by thread: Re: AllowUsers issue