Date:      Sat, 20 Nov 2004 13:29:09 -0500 (EST)
From:      Francisco <francisco@natserv.net>
To:        Mark Ogden <ogden@eng.utah.edu>
Cc:        Vlad GALU <vladgalu@gmail.com>
Subject:   Re: Question restricting ssh access for some users only
Message-ID:  <20041120132543.L7533@zoraida.natserv.net>
In-Reply-To: <20041007183400.GA25339@yem.eng.utah.edu>
References:  <cvuam0t1l2u7npnigk6oqrlq288hlu0mgn@4ax.com> <20041007180630.GA25130@yem.eng.utah.edu> <20041007183400.GA25339@yem.eng.utah.edu>

On Thu, 7 Oct 2004, Mark Ogden wrote:

Coming.. way late to the discussion..

> groups. We would like to allow root ssh login to our machines but only
> from one or two machines.

For starters, I don't think it is a good idea to allow remote root logins.
There are several ways to do what you want.
A few options:

If you only need the root users to log in, set the firewall to only allow
ssh from specific IPs. Set a user that can ssh and either configure sudo
or allow user to su.

> We like to have root login to be able to run
> remote commands to all our machines.

That sounds like something you could do with a regular user + sudo.

> So is there a way to limit root's
> login from one or two machines?

Yet another approach, you can turn on  to allow connections with keys 
only. No password authentication. Then enable root.. or better another ID 
which can su or sudo the commands you need.
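
An added example, not part of the original message: a small audit of sshd_config text for the sshd-side controls suggested above (keys only, no password, root limited to named hosts). It assumes OpenSSH's `PermitRootLogin`, `PasswordAuthentication` and `AllowUsers` keywords, which the message does not name; the sample configurations, addresses and function names are constructed. The firewall option is outside what it checks.

```python
import fnmatch

# Constructed sample configurations (addresses from the documentation range).
WEAK = """\
PermitRootLogin yes
PasswordAuthentication yes
"""
HARDENED = """\
PermitRootLogin without-password
PasswordAuthentication no
AllowUsers root@192.0.2.10 root@192.0.2.11
AllowUsers admin
"""

def parse(text):
    """Global section; first value of a keyword wins, AllowUsers lines add up."""
    conf = {}
    for line in map(str.strip, text.splitlines()):
        if not line or line.startswith("#"):
            continue
        key, *args = line.split()
        if key.lower() == "match":
            break
        if key.lower() == "allowusers":
            conf.setdefault("allowusers", []).extend(args)
        else:
            conf.setdefault(key.lower(), args)
    return conf

def audit(text, root_hosts):
    """Return findings; an empty list means root is key-only and host-limited."""
    conf = parse(text)
    # Assumption: an unset keyword counts as "yes" (worst case); the real
    # PermitRootLogin default depends on the OpenSSH version and OS.
    passwords = (conf.get("passwordauthentication") or ["yes"])[0].lower() != "no"
    root = (conf.get("permitrootlogin") or ["yes"])[0].lower()
    if root == "no":
        return []  # no direct root login; use another ID with su or sudo
    findings = []
    if root == "yes" and passwords:
        findings.append("root can log in with a password")
    # Without AllowUsers every user, root included, is accepted from any host.
    for pat in conf.get("allowusers", ["*"]):
        user, _, host = pat.partition("@")
        if fnmatch.fnmatch("root", user) and host not in root_hosts:
            findings.append(f"root allowed from {host or 'any host'}")
    return findings
```

Host parts are compared as literal strings, so a wildcard or CIDR entry for root is reported rather than expanded.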


