Re: AllowUser, DenyUser don't work.

From: Philipp Snizek <psnizek@xxxxxxxxxx>
Date: Wed, 31 Jan 2007 08:08:15 +0100

I try to restrict some kind of login through AllowUser and DenyUser but
failed.
openssh version: 4.5
What I want: disable root login from network outside 192.17.0.0 What I wrote into /etc/ssh/sshd_config
***************************
DenyUsers root
AllowUsers root@xxxxxxx*
***************************
However, after that not only root can not login from anywhere, but all
the other accounts are also disabled

Anything I did wrong?

Yes.
/etc/ssh/sshd_config:
AllowUsers you@thehostyourecomingfrom
AllowRootLogin=no

ssh you@yourbox
you@yourbox:~$ su - root

Best,
Philipp

References:
- AllowUser, DenyUser don't work.
  - From: MCG ZHUANG Liang

Prev by Date: Re: AllowUser, DenyUser don't work.
Next by Date: Carriage return character added automatically
Previous by thread: Re: AllowUser, DenyUser don't work.
Next by thread: Re: AllowUser, DenyUser don't work.
Index(es):
- Date
- Thread

Relevant Pages

Re: AllowUser, DenyUser dont work.
... As per the section below, if you have "DenyUsers root", it will be ... even if you add "AllowUsers root@host"... ... remote backups even if root login is normally not ...
(SSH)
Re: AllowUser, DenyUser dont work.
... disable root login from network outside 192.17.0.0 ... you don't need the DenyUsers line. ... If you specify AllowUsers then ...
(SSH)
RE: AllowUser, DenyUser dont work.
... Subject: AllowUser, DenyUser don't work. ... disable root login from network outside 192.17.0.0 What ... AllowUsers you@thehostyourecomingfrom ...
(SSH)
Re: AllowUser, DenyUser dont work.
... disable root login from network outside 192.17.0.0 What ... AllowUsers you@thehostyourecomingfrom ...
(SSH)
Re: root trying to ssh but being denied
... > listed in AllowUsers ... If it were root from ... It's a script kiddie having found that your IP ... is to move the SSH server to another port. ...
(comp.os.linux.security)