Thursday, April 30, 2009

How to allow ONLY selected users to ssh a server?

Recently, I had a requirement to allow only 3-4 users to ssh to a server. This server was for a specific purpose and we did not want everyone to log in there. For this, I disabled telnet/rlogin/ftp/rsh and any other possible way to connect to the server except ssh.

To filter further within ssh so that only selected users are allowed, I modified the /etc/ssh/sshd_config file to add the following line:

AllowUsers unixgeek paul john


One more thing: after making this change, make sure to restart ssh as follows:

For Solaris 10 OS:
# svcadm refresh svc:/network/ssh

For Red Hat Linux:
# service sshd restart


With this in place, only unixgeek, paul and john will be able to ssh to this server.

Voila! Mission accomplished! :-)
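
A check worth running before the restart is whether the account you are logged in with is itself covered by AllowUsers, since a missing name locks that user out. The script below is an added example, not part of the original post: the function names and the sample config are constructed for illustration, and it reads only the global section of the file, reduces USER@HOST patterns to USER and does not handle "!" negation.

```shell
#!/bin/sh
# Print the AllowUsers patterns from the global section of an sshd_config.
# Keyword match is case-insensitive; repeated AllowUsers lines accumulate.
allow_patterns() {
    awk '
        /^[ \t]*#/ { next }                  # skip comment lines
        tolower($1) == "match" { exit }      # global section ends here
        tolower($1) == "allowusers" { for (i = 2; i <= NF; i++) print $i }
    ' "$1"
}

# Return 0 if USER passes the AllowUsers filter in FILE, 1 otherwise.
# Simplifications: USER@HOST is reduced to USER, "!" negation is not handled.
user_allowed() {
    pats=$(allow_patterns "$1")
    # No AllowUsers directive at all means this filter rejects nobody.
    if [ -z "$pats" ]; then return 0; fi
    set -f                                   # keep * and ? as patterns
    for pat in $pats; do
        case $2 in
            ${pat%%@*}) set +f; return 0 ;;
        esac
    done
    set +f
    return 1
}

# Write a constructed sample config (not from the original post) to $1.
make_sample() {
    cat > "$1" <<'EOF'
# constructed sample sshd_config
Port 22
allowusers unixgeek paul
AllowUsers john
Match User john
    PasswordAuthentication no
EOF
}

# Demo: check a few accounts against the sample before restarting sshd.
cfg=$(mktemp)
make_sample "$cfg"
for u in unixgeek john root; do
    if user_allowed "$cfg" "$u"; then echo "$u: allowed"
    else echo "$u: would be locked out"; fi
done
rm -f "$cfg"
```

On the server itself, `sshd -t` checks the edited file for syntax errors before the restart, and keeping the current session open until a fresh login succeeds gives a way back if a name was missed.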
