
The Geek Diary


How to restrict ssh logins by user and client address on CentOS/RHEL

By admin

Question: A user would like to restrict ssh login access to a server by specific user and/or by client IP address. How can this be achieved?

Note: The configuration may differ between Oracle Linux 6 and 7 due to differences in the versions of OpenSSH bundled with each operating system.

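CentOS/RHEL 7 allows “nested” configuration in /etc/ssh/sshd_config, meaning that an AllowUsers directive can be placed inside a Match block. The following is an example, where 192.168.1.x stands for the allowed client address:

# vi /etc/ssh/sshd_config
Match User testuser
    AllowUsers *@192.168.1.x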

However, in CentOS/RHEL 6, sshd cannot parse the nested configuration, so you may need to consider the following workaround.

In the following example, the user “testuser” can log in only from 10.0.0.1, and the rest of the listed users can log in from any host. Note that you need to list every user who is allowed to log in, which is the downside of not supporting nested configuration.

# vi /etc/ssh/sshd_config
AllowUsers testuser@10.0.0.1 root oracle grid user1 user2
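
To check which logins each of the two configurations above admits before deploying it, the following added example (not code from the article or from OpenSSH) models the AllowUsers decision in Python. It assumes only `*` and `?` wildcards, compares HOST with the client IP address, and reads the article's `192.168.1.x` as `192.168.1.*`; the function names and the `backup` account are hypothetical.

```python
"""Model of the two AllowUsers configurations in the article (added example).

Assumptions: only '*' and '?' wildcards, HOST compared with the client IP
address, Deny* directives and group rules not modelled.
"""
import re


def _glob(pattern, value):
    """OpenSSH-style wildcard match: '*' is any run, '?' is one character."""
    regex = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c)
                    for c in pattern)
    return re.fullmatch(regex, value) is not None


def allow_users_permits(allow_users, user, client_ip):
    """True if a USER or USER@HOST pattern in the list admits this login."""
    for pattern in allow_users.split():
        user_pat, _, host_pat = pattern.partition("@")
        if _glob(user_pat, user) and (not host_pat or _glob(host_pat, client_ip)):
            return True
    return False  # AllowUsers is set and nothing matched: login refused


def login_permitted(user, client_ip, global_allow=None, match_user=None):
    """match_user maps a user name to the AllowUsers value of its
    'Match User' block, which replaces the global value for that user."""
    effective = (match_user or {}).get(user, global_allow)
    if effective is None:  # no AllowUsers applies: not restricted by it
        return True
    return allow_users_permits(effective, user, client_ip)


# CentOS/RHEL 6 workaround from the article: one flat list naming every user.
RHEL6 = "testuser@10.0.0.1 root oracle grid user1 user2"
# CentOS/RHEL 7 Match block; the article's 'x' is assumed to mean any host
# in 192.168.1 and is written here as a wildcard.
RHEL7_MATCH = {"testuser": "*@192.168.1.*"}

if __name__ == "__main__":
    # Constructed logins; 'backup' is a hypothetical account not in the list.
    for user, ip in [("testuser", "10.0.0.1"), ("testuser", "192.168.1.25"),
                     ("root", "203.0.113.7"), ("backup", "10.0.0.1")]:
        el6 = login_permitted(user, ip, global_allow=RHEL6)
        el7 = login_permitted(user, ip, match_user=RHEL7_MATCH)
        print(f"{user:9} {ip:13} el6={el6!s:5} el7={el7}")
```

With the flat list, any account missing from the line is refused from every address, while the Match block leaves users other than testuser unrestricted by AllowUsers.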

Filed Under: CentOS/RHEL 6, CentOS/RHEL 7, Linux


© 2021 · The Geek Diary