Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Secure-Shell
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: AllowUser, DenyUser don't work.

from [Giancarlo Razzolini] Network Security [Permanent Link]
Subject: Re: AllowUser, DenyUser don't work.
Date: Wed, 31 Jan 2007 09:24:36 -0200 
MCG ZHUANG Liang escreveu:

 Hello, 
I try to restrict some kind of login through AllowUser and DenyUser but
failed.
openssh version: 4.5
What I want: disable root login from network outside 192.17.0.0 
 What I wrote into /etc/ssh/sshd_config
***************************
DenyUsers root
AllowUsers root@192.17.*
***************************
However, after that not only root can not login from anywhere, but all
the other accounts are also disabled 

Anything I did wrong?

Regards,
Zhuang Liang.

 

 

.



First, you don't need the DenyUsers line. If you specify AllowUsers then
ONLY the users on AllowUsers can login. But you must set the
PermitRootLogin to yes. Then your AllowUsers rule will work, and only
hosts in the 192.17 network will be able to login as root. But why you
need to login directly as root?

-- 
Giancarlo Razzolini
Linux User 172199
Red Hat Certified Engineer no:804006389722501
Moleque Sem Conteudo Numero #002
Slackware Current
OpenBSD Stable
Ubuntu 6.10 Edgy Eft
Snike Tecnologia em Informática
4386 2A6F FFD4 4D5F 5842  6EA0 7ABE BBAB 9C0E 6B85

Attachment: signature.asc
Description: OpenPGP digital signature

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: AllowUser, DenyUser don't work., Barry Brimer
Next by Date:  Re: AllowUser, DenyUser don't work., Kamchybek Jusupov
Previous by Thread:  Re: AllowUser, DenyUser don't work., Barry Brimer
Next by Thread:  Re: AllowUser, DenyUser don't work., Kamchybek Jusupov
Indexes:  [Date] [Thread] [Top] [All Lists]