[TriLUG] SSH root limitation

Michael Thompson thompson at easternrad.com
Tue Oct 22 14:19:38 EDT 2002 

Looks promising!  Thanks!

--mwt

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Check out /etc/security/access.conf  (RedHat at least)
>
> Jeff
>
> Michael Thompson wrote:
> | Is there a way to disable all root logins through ssh EXCEPT when a
> login | comes from a certain ip address?  I already have the
> 'PermitRootLogin no' | set in the /etc/ssh/sshd_config file.  This
> forces me to login using a | regular user and then su to root if needed,
> which is what I want.  I need | one workstation to be able to login to
> this machine (actually about 5 | machines) directly as root for backup
> purposes using rsync through ssh.  I | have checked the man page for
> sshd_config and did not see anything | helpful.
> |
> | OR:  How can I use sudo to allow a regular user to rsync directories
> from | remote servers with root privileges?  I need to backup files that
> are only | readable by root.  My rsync scripts run from the backup
> server, this way | we can keep the admin down to one machine...
> |
> | Does any of this make any sense or should I just allow root logins
> through | ssh again (it worked fine then...) and be done with it?
> |
> | Any help or comments would be greatly appreciated!
> |
> | Thanks!
> |
> | Michael Thompson
> |
> |
> |
> | _______________________________________________
> | TriLUG mailing list
> |     http://www.trilug.org/mailman/listinfo/trilug
> | TriLUG Organizational FAQ:
> |     http://www.trilug.org/~lovelace/faq/TriLUG-faq.html
>
> - --
> Jeff Bollinger
> University of North Carolina
> IT Security Analyst
> 105 Abernethy Hall
> mailto: jeff_bollinger at unc dot edu
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.0 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQE9tZDsvoVlxVBmgsURAhvdAKDpiewUQhWw0hqKgkjbebVIVzW0OACfbz4U
> NpdQn3LgkW89FjFujYEMPIk=
> =OQvV
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> TriLUG mailing list
>     http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ:
>     http://www.trilug.org/~lovelace/faq/TriLUG-faq.html

More information about the TriLUG mailing list