[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: disable ssh/login for individual an account?
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: disable ssh/login for individual an account?
- From: Sebastian Stark <seb_(_at_)_gosh_(_dot_)_todesplanet_(_dot_)_de>
- Date: Thu, 16 Nov 2000 16:10:34 +0100
- Mail-followup-to: misc_(_at_)_openbsd_(_dot_)_org
patrick denton wrote:
> I'm using an account called (renamed to protect the innocent) "fwadmin"
> which only has permissions by way of sudo to vi /etc/ipf.rules, vi
> /etc/ipnat and execute ipf, ipnat, ipmon and ipfstat. I would like to
> make it so that you CANNOT ssh into this account remotely but you CAN su
> to it once your logged on as yourself. I was wondering if anyone would
> have a particular favorite method for this. I'm not even sure if this
> is more of an OpenSSH question either so be gentle with the flame
> throwers. Thanks in advance.
"DenyUsers fwadmin" in /etc/sshd_config.
Yes, this is an OpenSSH question and is covered in the manpage sshd(8).
(Don't forget to put "fwadmin" in /etc/ftpusers)
Visit your host, monkey.org