• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer navigation

The Geek Diary

  • OS
    • Linux
    • CentOS/RHEL
    • Solaris
    • Oracle Linux
    • VCS
  • Interview Questions
  • Database
    • oracle
    • oracle 12c
    • ASM
    • mysql
    • MariaDB
  • DevOps
    • Docker
    • Shell Scripting
  • Big Data
    • Hadoop
    • Cloudera
    • Hortonworks HDP

How to restrict ssh logins by user and client address on CentOS/RHEL

by admin

Question: A user would like to restrict the ssh login access to a server by a specific user and/or by client ip address. How this can be achieved?

Note: The configuration may differ between Oracle Linux 6 and 7 due to differences in the versions of OpenSSH bundled with each operating system.

CentOS/RHEL 7 allows “nested” configuration in /etc/ssh/sshd_config. The following is an example:

# vi /etc/ssh/sshd_config
Match User testuser
AllowUsers *@192.168.1.x

However, in CentOS/RHEL 6, sshd cannot parse the nested configuration so you may need to consider the following workaround.

The following example demonstrates that the user “testuser” can be logged in from 10.0.0.1 only, and the rest of the listed users can login from any host. Note that you need to list all the users who can be allowed to login, which is the downside of not supporting nested configuration.

# vi /etc/ssh/sshd_config
AllowUsers testuser@10.0.0.1 root oracle grid user1 user2

Filed Under: CentOS/RHEL 6, CentOS/RHEL 7, Linux

Some more articles you might also be interested in …

  1. Linux OS Service ‘psacct’
  2. coredumpctl: command not found
  3. How to Force ASM to Scan the Multipathed Device First using ASMLIB/oracleasm
  4. “WARNING: Duplicate VG name [vgname]” – error while running LVM commands
  5. Understanding /etc/login.defs file
  6. How to grow/extend XFS filesytem in CentOS / RHEL using “xfs_growfs” command
  7. CentOS / RHEL : Installing and Configuring ASMLib
  8. Downgrading an rpm package to a lower version (using “rpm” command)
  9. How to modify snmp service to listen to an alternative port in CentOS/RHEL
  10. What is the difference between & (ampersand) and && (double ampersand) while executing simultaneous commands on Linux

You May Also Like

Primary Sidebar

Recent Posts

  • powertop Command Examples in Linux
  • powertop: command not found
  • powerstat: command not found
  • powerstat Command Examples in Linux

© 2023 · The Geek Diary

  • Archives
  • Contact Us
  • Copyright