Disable ssh and sftp login in CentOS

Source: Internet
Author: User
In linux, for security purposes, we disable some users from logging on to the system through SSH. Here I will take the centos Operating system as an example to record how to handle it. 1. open the sshd configuration file vi/etc/ssh/sshd_config2, modify the configuration file, add or modify the following lines # Disable user1 login, multiple spaces are separated into DenyUsersuser1 # all users of group1 in the user group are prohibited from logging on. multiple spaces are separated into DenyGroupsgroup13 and

In linux, for security purposes, we disable some users from logging on to the system through SSH. Here I will take the centos Operating system as an example to record how to handle it.

1. open the sshd configuration file

 
 
  1. vi/etc/ssh/sshd_config

2. modify the configuration file and add or modify the following lines:

 
 
  1. # User user1 login prohibited, separated by spaces
  2. DenyUsers user1
  3. # Prohibit all users of group1 from logging on. Separate multiple spaces
  4. DenyGroups group1

3. after saving the configuration, restart sshd.

 
 
  1. /etc/rc.d/init.d/sshd restart

After the preceding configuration is complete, users or user groups can be prohibited from logging on. you can enter only one of the two parameters in step 1 and adjust them as needed. After the configuration is complete, run the following command on other linux machines:

 
 
  1. # Test using ssh
  2. [Root @ ServerA ~] # Ssh user1@192.168.1.168
  3. User1@192.168.1.168's password:
  4. Permission denied, please try again.
  5. # Test with sftp
  6. [Root @ ServerA ~] # Sftp user1@192.168.1.168
  7. User1@192.168.1.168's password:
  8. Permission denied, please try again.

As you can see, it is indeed forbidden by the system, thus completing the control we want. However, one drawback is that sftp is not allowed, but ssh is not allowed. to do so, it is estimated that only an ftp server, such as vsftp, can be set up separately.


Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.