Demat,
Under the authentication section in the sshd_config file add a
line to deny users like this:
-----------------------------------------
# Authentication:
#LoginGraceTime 600
PermitRootLogin no
DenyUsers titi toto tutu tata <----
#StrictModes yes
-------------------------------------
You can also restrict users at the group level but note that this does not
stop anyone from logging in as themselves and SU'ing to the user that is not
allowed in,( assuming they know the password).
$ man sshd_config
[snip]
DenyUsers
This keyword can be followed by a list of user name patterns,
separated by spaces. Login is disallowed for user names that
match one of the patterns. `*' and `'? can be used as wildcards
in the patterns. Only user names are valid; a numerical user ID
is not recognized. By default, login is allowed for all users.
If the pattern takes the form USER@HOST then USER and HOST are
separately checked, restricting logins to particular users from
particular hosts.
Hope this helps
Pat
Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
