[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: disable ssh/login for individual an account?

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: disable ssh/login for individual an account?
From: Sebastian Stark <seb_(_at_)_gosh_(_dot_)_todesplanet_(_dot_)_de>
Date: Thu, 16 Nov 2000 16:10:34 +0100
Mail-followup-to: misc_(_at_)_openbsd_(_dot_)_org

patrick denton wrote:
> I'm using an account called (renamed to protect the innocent) "fwadmin"
> which only has permissions by way of sudo to vi /etc/ipf.rules, vi
> /etc/ipnat and execute ipf, ipnat, ipmon and ipfstat.   I would like to
> make it so that you CANNOT ssh into this account remotely but you CAN su
> to it once your logged on as yourself.  I was wondering if anyone would
> have a particular favorite method for this.  I'm not even sure if this
> is more of an OpenSSH question either so be gentle with the flame
> throwers.  Thanks in advance.

"DenyUsers fwadmin" in /etc/sshd_config.

Yes, this is an OpenSSH question and is covered in the manpage sshd(8).

(Don't forget to put "fwadmin" in /etc/ftpusers)

References:
- disable ssh/login for individual an account?
  - From: patrick denton

Prev by Date: Re: Sendmail
Next by Date: snmp & tunnel interfaces ...
Previous by thread: disable ssh/login for individual an account?
Next by thread: snmp & tunnel interfaces ...
Index(es):
- Date
- Thread

Visit your host, monkey.org