Sunday, January 12, 2020

linux - Restrict root ssh from all but one IP/hostname

I'm wanting to restrict root ssh login coming from all but a single IP address.



I was under the impression that I just had to add this to /etc/pam.d/sshd:



account required pam_access.so



and this to /etc/security/access.conf:



-:root:ALL EXCEPT IPADDRESS


but that doesn't seem to be working.

-

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

linux - How to SSH to ec2 instance in VPC private subnet via NAT server

I have created a VPC in aws with a public subnet and a private subnet. The private subnet does not have direct access to external network. S...