原贴:http://blog.chinaunix.net/u/13329/showart.php?id=84747
SSH--只允许个别用户登陆SSH
|
|
|
1)编辑/etc/pam.d/sshd
在文件内加入
auth required pam_listfile.so item=user sense=allow file=/etc/sshusers onerr=fail
[root@book ~]# vi /etc/pam.d/sshd
#%PAM-1.0
auth required pam_stack.so service=system-auth
auth required pam_nologin.so
auth required pam_listfile.so item=user sense=allow file=/etc/sshusers onerr=fail
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
2)建立/etc/sshusers文件
[root@book ~]#
touch /etc/sshusers
3)把允许登陆的用户加入到 /etc/sshusers
echo "root" >> /etc/sshusers
echo "admin_cnscn" >> /etc/sshusers
...
则以后只有root和admin_cnscn可以登陆ssh
| |