Disable ssh and sftp login in CentOS

In linux, for security purposes, we disable some users from logging on to the system through SSH. Here I will take the centos Operating system as an example to record how to handle it. 1. open the sshd configuration file vi/etc/ssh/sshd_config2, modify the configuration file, add or modify the following lines # Disable user1 login, multiple spaces are separated into DenyUsersuser1 # all users of group1 in the user group are prohibited from logging on. multiple spaces are separated into DenyGroupsgroup13 and

In linux, for security purposes, we disable some users from logging on to the system through SSH. Here I will take the centos Operating system as an example to record how to handle it.

1. open the sshd configuration file

 
 

  
  
vi/etc/ssh/sshd_config
 
 

2. modify the configuration file and add or modify the following lines:

 
 

  
  
# User user1 login prohibited, separated by spaces
  
  
DenyUsers user1
  
  

  
  
# Prohibit all users of group1 from logging on. Separate multiple spaces
  
  
DenyGroups group1
 
 

3. after saving the configuration, restart sshd.

 
 

  
  
/etc/rc.d/init.d/sshd restart
 
 

After the preceding configuration is complete, users or user groups can be prohibited from logging on. you can enter only one of the two parameters in step 1 and adjust them as needed. After the configuration is complete, run the following command on other linux machines:

 
 

  
  
# Test using ssh
  
  
[Root @ ServerA ~] # Ssh user1@192.168.1.168
  
  
User1@192.168.1.168's password:
  
  
Permission denied, please try again.
  
  

  
  
# Test with sftp
  
  
[Root @ ServerA ~] # Sftp user1@192.168.1.168
  
  
User1@192.168.1.168's password:
  
  
Permission denied, please try again.
 
 

As you can see, it is indeed forbidden by the system, thus completing the control we want. However, one drawback is that sftp is not allowed, but ssh is not allowed. to do so, it is estimated that only an ftp server, such as vsftp, can be set up separately.