RE: AllowUser, DenyUser don't work.



Hmmm... true
Sorry for the typo.

Philipp

-----Original Message-----
From: Dominik Habichtsberg [mailto:Dominik.Habichtsberg@xxxxxx]
Sent: Mittwoch, 31. Januar 2007 19:36
To: Philipp Snizek
Cc: secureshell@xxxxxxxxxxxxxxxxx
Subject: Re: AllowUser, DenyUser don't work.

wasn't it without a = `???

AllowRootLogin no not AllowRootLogin=no !?
Greetz, Dominik

Philipp Snizek schrieb:
I try to restrict some kind of login through AllowUser and DenyUser but
failed.
openssh version: 4.5
What I want: disable root login from network outside 192.17.0.0 What
I wrote into /etc/ssh/sshd_config
***************************
DenyUsers root
AllowUsers root@xxxxxxx*
***************************
However, after that not only root can not login from anywhere, but all
the other accounts are also disabled
Anything I did wrong?

Yes.
/etc/ssh/sshd_config:
AllowUsers you@thehostyourecomingfrom
AllowRootLogin=no

ssh you@yourbox
you@yourbox:~$ su - root


Best,
Philipp




Relevant Pages

  • AllowUser, DenyUser dont work.
    ... I try to restrict some kind of login through AllowUser and DenyUser but ... disable root login from network outside 192.17.0.0 ...
    (SSH)
  • Re: AllowUser, DenyUser dont work.
    ... disable root login from network outside 192.17.0.0 ... DenyUsers root ... AllowUsers you@thehostyourecomingfrom ...
    (SSH)
  • Re: AllowUser, DenyUser dont work.
    ... disable root login from network outside 192.17.0.0 What ... AllowUsers you@thehostyourecomingfrom ...
    (SSH)
  • Re: AllowUser, DenyUser dont work.
    ... As per the section below, if you have "DenyUsers root", it will be ... even if you add "AllowUsers root@host"... ... remote backups even if root login is normally not ...
    (SSH)
  • Re: AllowUser, DenyUser dont work.
    ... disable root login from network outside 192.17.0.0 ... you don't need the DenyUsers line. ... If you specify AllowUsers then ...
    (SSH)