> 3) Modify the sshd_config to include an Allow/Deny directive. You
> can get quite crafty with this, and it's really pretty easy to do.
> Me, I limit access only to one user account, but I think you can also
> specify connections from only certain networks or specific hosts --
> again, there are resources on the web for that, too. You can get
> quite granular, but be sure you don't lock yourself out if suddenly
> you have to shell into your server from your Aunt Margaret's house
> one Sunday morning in an emergency.
You can also restrict access by group. I have a group called 'sshusers'. If
a user needs ssh access, they're added to the group. If not, they're not.
Here's the line in /etc/sshd_config that enables this (2 groups, admin and
sshusers, are allowed here):
AllowGroups admin sshusers
--
Randall Perry
sysTame
Xserve Web Hosting/Co-location
Website Development/Promotion
Mac Consulting/Sales
http://www.systame.com/
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/macos-x-server/email@hidden
This email sent to email@hidden
