commands Linux

How to manage SSH permission for custom users under your server

Arunlal A4 Comments
Post Views: 1,243

Sometimes it is very useful to manage/assign the SSH authentication to a particular user, Click here for SSH root permission.
There are two directives in SSH configuration file to manage the SH permission for custom users, see the directive details below:

# Allowusers
# Denyusers

You can add the directives if they aren’t in conf file.

How to allow ssh as a user?

Syntax:

# vim /etc/ssh/sshd_config
-----
Allowusers $user1 $user1
-----

Restart SSH daemon

# /etc/init.d/sshd restart

How to denay ssh as a user?

# vim /etc/ssh/sshd_config
-----
Denyusers $user1 $user1
-----

Restart SSH daemon

# /etc/init.d/sshd restart

Replace $user with username which you want.

Example:
Deny the SSH as user “crybit” on server,

# vim /etc/ssh/sshd_config
-----
Denyusers crybit
-----

Restart SSH daemon

# /etc/init.d/sshd restart

Sample output:

[root@localhost ~]# ssh crybit@localhost
:::Hai, Welcome to crybit's SSH:::
crybit@localhost's password: 
..

That’s it..! 🙂 🙂

Related Links:
How to create a banner/welcome-note for SSH server
How to disable SSH login as root user – PermitRootLogin
/etc/hosts.allow
/etc/hosts.deny

Post navigation

Arunlal A

Senior System Developer at Zeta. Linux lover. Traveller. Let's connect! Whether you're a seasoned DevOps pro or just starting your journey, I'm always eager to engage with like-minded individuals. Follow my blog for regular updates, connect on social media, and let's embark on this DevOps adventure together! Happy coding and deploying!

4 thoughts on “How to manage SSH permission for custom users under your server

  1. Pingback: How to create a banner/welcome-note for SSH server | crybit
  2. Pingback: How to disable SSH login as root user - PermitRootLogin | crybit
  3. Pingback: How/Syntax to allow SSH connection on server - /etc/hosts.allow | crybit
  4. Pingback: How/Syntax to block/deny SSH connection on server - /etc/hosts.deny | crybit

Leave a Reply

Your email address will not be published. Required fields are marked *