Home > Security > AllowUsers

AllowUsers

June 19, 2005 Posted by KP

Currently every website matches one shell account on my servers, I always feel it’s insecure to have more than a dozen accounts, but never taken a minute to think about how to change it.

AllowUsers parameter in sshd is just for it, to allow only one account to login with ssh, add the following line in /etc/sshd_config:

AllowUsers account_name

If you have a static IP address for login, you can make it more secure, for example:

AllowUsers account_name@192.168.1.32

Restart sshd after the file is modified:

# /etc/rc.d/sshd reload

For detailed information, please refer to the handbook.

Note: you should test the login before closing all terminals, a spelling error can lock yourself out of the server.

Update: I strongly suggest you change sshd port and reduce server visibility, which can eliminate all ssh login attempts.

Bookmark and Share


Related Posts:

Filed Under: Security

Leave a Comment









*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word


Subscribe via RSS/EMail


Categories

Archives

Links

  • Dedicated Servers

    • Meta