Question restricting ssh access for some users only

Mark Stanislav KryptoBSD at uncompiled.com
Thu Oct 7 11:40:12 PDT 2004


On Oct 7, 2004, at 2:34 PM, Mark Ogden wrote:

> Vlad GALU on Thu, Oct 07, 2004 at 09:22:16PM +0300 wrote:
>> On Thu, 7 Oct 2004 12:06:30 -0600, Mark Ogden <ogden at eng.utah.edu> 
>> wrote:
>>> Volker Kindermann on Thu, Oct 07, 2004 at 07:54:17PM +0200 wrote:
>>>> Hi Jim,
>>>>
>>>>
>>> But what if you have 1000 users? From my understanding you would have
>>> to add all users to the AllowUsers list.
>>

Why can't you just make a script to do that?

>>     Or simply add all of them to one of the groups specified in 
>> "AllowGroups".
>
> Yes I do understand how that would work. Yet me better explain what we
> would like to do: We have over 9000 users and about 100 different
> groups. We would like to allow root ssh login to our machines but only
> from one or two machines. We like to have root login to be able to run
> remote commands to all our machines. So is there a way to limit roots
> login from one or two machines?

Why not just let them use 'sudo' or better yet, just give them access 
to become root after they login to their initial shell?

-Mark

>
> -Mark
>
> _______________________________________________
> freebsd-security at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to 
> "freebsd-security-unsubscribe at freebsd.org"



More information about the freebsd-security mailing list