Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 26 Mar 2006 12:09:50 -0800
From:      Graham North <northg@shaw.ca>
To:        Daniel Gerzo <danger@rulez.sk>
Cc:        mark@mkproductions.org, questions freebsd <freebsd-questions@freebsd.org>
Subject:   Re: Tightening up ssh
Message-ID:  <4426F50E.3050801@shaw.ca>
In-Reply-To: <1791241722.20060326215910@rulez.sk>
References:  <4426F0EB.5040109@shaw.ca> <1791241722.20060326215910@rulez.sk>
next in thread | previous in thread | raw e-mail | index | archive | help 
--=======AVGMAIL-4426F50E60AA=======
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

Hi Daniel
Thank you!  If I read the manpage correctly, invoking AllowUsers 
automatically changes the default behaviour and restricts access to only 
those users specificied.   That fits my needs exactly.   (or at least my 
current perceived needs :--))
Cheers, Graham/


Daniel Gerzo wrote:

>Hi Graham,
>
>Sunday, March 26, 2006, 9:52:11 PM, you wrote about:
>
>  
>
>>Does this mean that there is a way to run ssh, but only allow
>>certain users to use it.   My default seems to have been that if
>>someone has a username and password they can access ssh (except root
>>as "PermitRootLogin no" is the default).   The ssh port seems to be
>>the most heavily attacked one on my machine and so I recently took
>>to blocking port 22.   My preference would be to enable it to only
>>one user and give them an obscure username and strong password. 
>>Root is not currently allowed access by default in the setup.
>>    
>>
>
>check the AllowUsers and AllowGroups directive in sshd_config(5)
>
>  
>

-- 
Kindness can be infectious - try it.

Graham North
Vancouver, BC
www.soleado.ca



--=======AVGMAIL-4426F50E60AA=======
Content-Type: text/plain; x-avg=cert; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
Content-Description: "AVG certification"

No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.385 / Virus Database: 268.3.1/292 - Release Date: 3/24/2006

--=======AVGMAIL-4426F50E60AA=======--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4426F50E.3050801>