Hello there, today we are going to learn how to allow or deny specific users to log in via SSH on an Ubuntu 18.04 system.
Allow/Deny Specific Users to Login via SSH on Ubuntu 18.04
-
Allow Specific Users to Login via SSH on Ubuntu 18.04
In order to allow specific users or a specific group of users to log in to an Ubuntu 18.04 system via SSH, the AllowUsers or AllowGroups options can be used in the SSH daemon configuration file, /etc/ssh/sshd_config.
For example, to allow the users amos and admin to log in, edit the SSHd configuration file and add the line below:
vim /etc/ssh/sshd_config
...
AllowUsers amos admin
Once changes are made, restart SSH.
systemctl restart ssh
Now, if you try to log in as any other user apart from the two allowed above, you should get permission denied.
ssh [email protected]
[email protected]'s password: <Password>
Permission denied, please try again.
If you check the authentication logs, the reason is stated clearly:
Mar 27 19:46:07 u18svr sshd[886]: User mibey from 192.168.0.101 not allowed because not listed in AllowUsers
To allow a specific group of users to log in, you would add the following line to the SSHd configuration file:
AllowGroups administrators
This will allow only the members of the administrators group to log in.
getent group administrators
administrators:x:1004:admin,mibey
If you try to log in as a user who is not a member of the administrators group, you will get permission denied.
ssh [email protected]
[email protected]'s password:
Permission denied, please try again
-
Deny Specific Users to Login via SSH on Ubuntu 18.04
Similarly, to deny a specific user from logging in via SSH, you simply use the DenyUsers or DenyGroups option with a list of users or groups to deny access, respectively.
DenyUsers amos mibey
If you try to log in as any of the above users, you will get permission denied.
To deny a group of users, say the administrators group whose members are admin and mibey, you would add the following line to the SSHd configuration file.
DenyGroups administrators
Remember to reload SSH whenever you make any changes.
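When more than one of these directives is set, sshd checks DenyUsers, AllowUsers, DenyGroups and AllowGroups in that order, and a login must pass every list that is set. The Python sketch below is an added example, not code from the original article or from OpenSSH; it models that order for exact names only (no wildcards, USER@HOST patterns or Match blocks), and the group membership of amos is an assumption.

```python
# Added example: models how sshd combines the four allow/deny directives.
# Narrowed on purpose: exact names only (no wildcards or USER@HOST patterns),
# and parsing stops at the first Match block.
KEYS = ("denyusers", "allowusers", "denygroups", "allowgroups")

def parse_access_lists(config_text):
    """Collect the global Allow*/Deny* lists from sshd_config text."""
    lists = {key: [] for key in KEYS}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        words = line.split()
        keyword = words[0].lower()            # keywords are case-insensitive
        if keyword == "match":                # conditional section: out of scope
            break
        if keyword in lists:
            lists[keyword].extend(words[1:])  # repeated lines accumulate
    return lists

def check_login(lists, user, groups):
    """Return (allowed, reason). `groups` must include the primary group."""
    if user in lists["denyusers"]:
        return False, "listed in DenyUsers"
    if lists["allowusers"] and user not in lists["allowusers"]:
        return False, "not listed in AllowUsers"
    if set(groups) & set(lists["denygroups"]):
        return False, "a group is listed in DenyGroups"
    if lists["allowgroups"] and not set(groups) & set(lists["allowgroups"]):
        return False, "no group listed in AllowGroups"
    return True, "allowed"

def evaluate(config_text, users):
    """Map each user to the decision for the given configuration."""
    lists = parse_access_lists(config_text)
    return {user: check_login(lists, user, grps) for user, grps in users.items()}

# Constructed sample: both allow lines from the article placed in one file.
SAMPLE_CONFIG = "AllowUsers amos admin\nAllowGroups administrators\n"
# administrators membership as shown by getent above; amos's groups are assumed.
SAMPLE_USERS = {
    "admin": ["admin", "administrators"],
    "mibey": ["mibey", "administrators"],
    "amos": ["amos"],
}

if __name__ == "__main__":
    for name, (ok, why) in evaluate(SAMPLE_CONFIG, SAMPLE_USERS).items():
        print(f"{name:6} {'ALLOW' if ok else 'DENY'}  {why}")
```

With both allow lines active, only admin gets in: mibey fails AllowUsers and amos fails AllowGroups.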
Great, that is all about how to allow or deny specific users to log in via SSH on an Ubuntu 18.04 system. Enjoy.
If I want to allow a user to remote in via SSH but only for a specific folder, e.g. folder web1 inside home. He can only access that folder, not the root or another system folder. How to make the configuration?