Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

How to allow or deny SSH access to a particular user or group?

This tutorial will show how to enable or disable SSH access for the user or group by making a few changes in SSH default configuration file.

To do that, you should log in to your VPS as root or user with sudo privileges.

1. Enable SSH access to a particular user or group on VPS:

1.1 To allow SSH access for a particular user, for example, test, edit sshd_config file:

sudo vi /etc/ssh/sshd_config

1.2 Press "i" to enter into insert mode and add or edit the following line:

AllowUsers test

Note 1: Please take note of the space between "AllowUsers" and "test." Instead of using the Space-bar, you should use the Tab key. To put it another way, type "AllowUsers" and then press the Tab key to provide the username of your user. _

1.3 Also, you can specify more than one user:

AllowUsers test1 test2

1.4 To allow an entire group, for instance, root, add or modify the following line:

AllowGroups root

This will allow all the users of the "root" group to connect to a server via SSH.

1.5 After saving changes in SSH default configuration file, you should restart SSH service to take effect the changes with this command:

sudo systemctl restart sshd

If one of the non-allowed users try to log in, the user should receive the following message:

Permission denied, please try again.

2. Disable SSH access to a user or group

2.1 To disable SSH access to specific user called "test1", you will need to edit sshd_config file:

sudo vi /etc/ssh/sshd_config

2.2 Add or modify the following line in sshd_config file.

DenyUsers test1

2.3 To deny SSH access to multiple users, specify the usernames with space separated as shown below:

DenyUsers test1 test2

2.4 To disable SSH access to an entire group, for example, root, add the following line:

DenyGroups root

2.5 After saving these changes, restart ssh service:

sudo systemctl restart sshd

Now blocked users our groups will not be able to log in to the server via SSH.

Sign In or Register to comment.

Learn how to install a web and database server, email, FTP client or other applications. Discover and share information on server security or optimization recommendations.
Feel free to join our constantly expanding community, participate in discussions, strengthen your knowledge on Linux and Windows server management!
© 2013 - 2023 Time4VPS. All rights reserved.

Get In Touch