In an organization where when a server goes live an administrator would need to create a users with variable privileges . Some users will have special permissions with root credentials. We here are trying to block that privileged users from direct ssh log in.
To Deny a User
Open /etc/ssh/sshd_config file:
# vi /etc/ssh/sshd_config
Append following names (directives):
To Deny a Group
Append the following line
To Deny a Host/Network
Open /etc/hosts.deny and add the following line
it will block all the traffic from network 192.168.0.0/24
If you want to allow a single network add the following
sshd: ALL EXCEPT 192.168.0.0/255.255.255.0
It will block all the traffic other than 192.168.0.0/24 network.
To take effect these changes restart sshd
service sshd restart
With the above settings user , group and hosts can be blocked.
[…] SSH connections only from admin networks. Exclude User networks. This article help you to disables Hosts and Groups to SHH Leave a Reply 7 views, 3 so far today | […]