ssh security tip allow ssh login to only certain users | AllowUsers | DenyUsersFollow @ggarron
As Telnet was the most common way to access a Linux server years ago, now a days it is ssh, it is secure, it is encrypted, but anyway you can improve the security even more, and today we’ll see one tip to do this.
If you have a server with a lot of users that have access to it, maybe, by the console, or using a terminal, but only some of them really need to access the server via ssh. Well a good idea is to allow ssh login only to those specific users.
Enable ssh access / login to Linux to specific users
Let’s say we only want to allow ssh login to mickey, donald and goofy.
sshd_config file add the following line, or edit it to look like this one:
AllowUsers mickey donald goofy
Now only those users will be able to log into the system using ssh protocol.
Disable ssh access to some users
The previous way, will allow access to mickey, donald and goofy, and disallow to the rest of users, you may want to go the other way, and allow to everyone but some of them.
Let’s say we need all users to log into the system using ssh protocol, except minnie, daisy and clarabella.
Be sure to comment,
AllowUser line or erase it, and add the next line:
DenyUsers minnie daisy clarabella
Now, all users have access to the system but those three.
Seriously talking, it may be better to grant access to minnie, daisy and clarabella, and not to mickey, donald and specially goofy :).