[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: disable ssh/login for individual an account?

To: misc@openbsd.org
Subject: Re: disable ssh/login for individual an account?
From: Sebastian Stark <seb@gosh.todesplanet.de>
Date: Thu, 16 Nov 2000 16:10:34 +0100
Content-Disposition: inline
Mail-Followup-To: misc@openbsd.org
References: <3A13E71B.38CBC364@dataops.net>
User-Agent: Mutt/1.2.2i

patrick denton wrote:
> I'm using an account called (renamed to protect the innocent) "fwadmin"
> which only has permissions by way of sudo to vi /etc/ipf.rules, vi
> /etc/ipnat and execute ipf, ipnat, ipmon and ipfstat.   I would like to
> make it so that you CANNOT ssh into this account remotely but you CAN su
> to it once your logged on as yourself.  I was wondering if anyone would
> have a particular favorite method for this.  I'm not even sure if this
> is more of an OpenSSH question either so be gentle with the flame
> throwers.  Thanks in advance.

"DenyUsers fwadmin" in /etc/sshd_config.

Yes, this is an OpenSSH question and is covered in the manpage sshd(8).

(Don't forget to put "fwadmin" in /etc/ftpusers)

References:
- disable ssh/login for individual an account?
  - From: "patrick denton" <patrick.denton@dataops.net>

Prev by Date: RE: subnets, not routing etc.
Next by Date: snmp & tunnel interfaces ...
Prev by thread: disable ssh/login for individual an account?
Next by thread: Re: disable ssh/login for individual an account?
Index(es):
- Date
- Thread