SShd_config and AllowUsers

M

m2000

Verified User
Joined
May 2, 2018
Messages
14
Hi
Step 3: Begin the installation!

**** SPECIAL NOTICE for non-root ssh logins ****
If logging in as a user other than admin or root (using su to gain root access):

You *must* add "AllowUsers username" to /etc/ssh/sshd_config before you log out from root or you'll lose root on the server forever, and you'll have to format.
Click to expand...

Is it meaning: only add followng text:
Code: 
AllowUsers username

or add these:
Code: 
AllowUsers root
AllowUsers admin
please help!
 
You have to add the name of the user you use to SSH to the server. So for example if your username is 'm2000', add the following:

AllowUsers m2000

and restart the ssh service
 
wtptrs said:
You have to add the name of the user you use to SSH to the server. So for example if your username is 'm2000', add the following:

AllowUsers m2000

and restart the ssh service
Click to expand...
Thanks.
It said:
Code: 
or you'll lose root on the server forever, and you'll have to format.

it said about losting root user, so i must add only
Code: 
AllowUsers root
I thought i must put only this code:
Code: 
AllowUsers username
and it protect root and other users from losting.
 
To be able to ssh as root (not recommended) root login needs to be enabled as well in the ssh config. You're better off giving your user (e.g. m2000) sudo access by adding it to /etc/sudoers and then only allowing ssh access to m2000.
 
Just add at the bottem of the sshd.config file

Code: 
AllowUsers root
AllowUsers m2000

and set

Code: 
PermitRootLogin no
 
m2000 said:
Hi


Is it meaning: only add followng text:
Code: 
AllowUsers username

or add these:
Code: 
AllowUsers root
AllowUsers admin
please help!
Click to expand...

Code: 
# adduser m2000

Code: 
# yum install sudo

Code: 
# adduser m2000 sudo

Code: 
# chmod -R 700 /home/m2000

Code: 
# sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.backup

Code: 
# sudo vim /etc/ssh/sshd_config

By default:

Code: 
AllowUsers root

Change for:

Code: 
AllowUsers m2000

Code: 
PermitRootLogin no

Or from unedited SSH with vim:

Code: 
# sed -i 's/PermitRootLogin yes/PermitRootLogin no/' /etc/ssh/sshd_config

Code: 
# sudo systemctl restart sshd.service

Restrict the root user for more security:

Code: 
# sudo echo "tty1" > /etc/securetty

Remember to add the user to this group so that it ends up working well. Use usermod -a -G. He also creates the group with: groupadd.

More:
https://www.ssh.com/ssh/sshd_config/
 
Last edited:
You must log in or register to reply here.
Back
Top