sshd configuration madness ...
Doug Hunley
doug.hunley at gmail.com
Thu May 10 09:21:07 PDT 2012
On Wed, May 9, 2012 at 6:16 PM, Vu Pham <vu at sivell.com> wrote:
>> I have this in my /etc/ssh/sshd_config
>>
>> AllowUsers root at 192.168.249.25
>>
>> and only the system .25 can ssh to my server as root. Others are denied.
>>
>
> I meant "Others systems are denied to ssh to my server as root".
That's exactly how it is supposed to work. If AllowUsers says
root@<complete IP> then only root@<complete IP> is allowed in. No
other ids from any other IP. Period. EOF. The AllowUsers directive
means literally 'allow as listed on this line only'
You should set 'PermitRootLogin' to 'without-password' which says that
any non-password (ssh keys, krb5, etc) will work, but NO interactive
type-roots-password logins will work
--
Douglas J Hunley (doug.hunley at gmail.com)
Twitter: @hunleyd Web:
douglasjhunley.com
G+: http://goo.gl/sajR3
More information about the Linux-users
mailing list