Re: More SSH 'trolling'

To: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
Subject: Re: More SSH 'trolling'
From: John Thompson <JohnThompson@xxxxxxxxxx>
Date: Thu, 14 Oct 2004 14:24:22 -0500
In-reply-to: <[email protected]>
Organization: The Crimson Permanent Assurance
References: <[email protected]> <[email protected]>
Reply-to: john@xxxxxxxxxxx, For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
User-agent: Mozilla Thunderbird 0.8 (X11/20040913)

Mike Ramirez wrote:

The safest be for this is to make sure that any user in /etc/passwd and /etc/shadow has there shell set to nologin that doesn't need SSH

What I do is only allow certain user names ssh access from outside. E.g. from /etc/ssh/sshd_config:

	AllowUsers john skylar

This only allows my son and I to use ssh; everything else gets rejected with an "illegal user" error.

--

-John (john@xxxxxxxxxxx)

References:
- More SSH 'trolling'
  - From: Brian Fahrlander
- Re: More SSH 'trolling'
  - From: Mike Ramirez