HOW TO MANAGE SSH ACCESS IN LINUX


Hie Frnd's
Today We Are Going To See , How To Manage SSH Login in Linux .
So Here Will Do Following Task :

1: DISABLE SSH FOR ROOT USER
2: ENABLE SSH FOR ROOT USER
 3: ENABLE SSH FOR OTHER USERS
  4: DISABLE SSH FOR OTHER USERS

For This Task We Have To Edit "/etc/ssh/sshd_config" File

Edit /etc/ssh/sshd_config File With Any Editor , Here i m Going to use VI Editor
So Let's See 
1: DISABLE SSH FOR ROOT USER
vi /etc/ssh/sshd_config
Search for the following line in the file.
#PermitRootLogin no
Remove the ‘#‘ from the beginning of the line.  Make the line look like similar to this.
PermitRootLogin no
Next, we need to restart the SSH daemon service.
# /etc/init.d/sshd restart
Now try to login with root user, you will get “Access Denied” error.
login as: root
Access denied
root@172.31.41.51's password:
                               2: ENABLE SSH FOR ROOT USER

# vi /etc/ssh/sshd_config
Search for the following line and put the ‘#‘ at the beginning and save the file.
# PermitRootLogin no
Restart the sshd service
# /etc/init.d/sshd restart
Now try to login with root user.
root@172.16.25.126's password:
Last login: Tue Nov 20 16:51:41 2012 from 172.16.25.125
[root@tecmint ~]#
                                    3: ENABLE SSH FOR OTHER USERS


If you have large number of user accounts on the systems, then it makes sense that we limit remote access to those users who really need it. Open the /etc/ssh/sshd_config file.
# vi /etc/ssh/sshd_config
Add an AllowUsers line at the bottom of the file with a space separated by list of usernames. For example, user sam and securitytweaks both have access to remote ssh.

AllowUsers sam securitytweaks
4: DISABLE SSH FOR OTHER USERS

If you have large number of user accounts on the systems, then it makes sense that we limit remote access to those users who Dont need it. Open the /etc/ssh/sshd_config file.
# vi /etc/ssh/sshd_config
Add an DenyUsers line at the bottom of the file with a space separated by list of usernames. For example, user sam and securitytweaks both do not access to remote ssh.
DenyUsers sam securitytweaks
Restart the sshd service
# /etc/init.d/sshd restart
Hope It Will Help You .

0 comments: