Re: Negated patterns in AllowedUsers



With PAM in /etc/pam.d/sshd you can especify the root only to login
from a certain IP address

On 9/7/07, Greg Wooledge <wooledg@xxxxxxxxxxx> wrote:
On Thu, Sep 06, 2007 at 01:52:17AM +0200, Radek Hladik wrote:
Hi,
all I wanted was to force SSHd to accept root logins only from
localhost.

If nobody else comes up with an answer, then try this one:

Run two (or more) instances of sshd. Bind one of them to the loopback
interface, and let it allow root users. Bind the other(s) to the "real"
network interface(s), and let them deny root users.