Depending on the role of your system and which user accounts are configured on it, you may not want all of its registered users to have access through SSH. This recipe shows you how to configure the SSH server to restrict remote user access by explicitly granting or denying the users access.
This recipe requires a CentOS system running the OpenSSH server. Administrative privileges are also required, either by logging in with the root
account or through the use of sudo
.
Follow these steps to restrict users' SSH access:
Open the SSH server's configuration file with your text editor:
vi /etc/ssh/sshd_config
Find the
PermitEmptyPasswords
option. Uncomment it and set its value tono
to disallow accounts with empty passwords:PermitEmptyPasswords no
To disallow remote access with the
root
account, locate and uncomment thePermitRootLogin
option and set its value tono
:PermitRootLogin no
Deny remote access for specific user accounts...