[TriLUG] SSH root limitation

Michael Thompson thompson at easternrad.com
Tue Oct 22 13:42:42 EDT 2002


Is there a way to disable all root logins through ssh EXCEPT when a login
comes from a certain ip address?  I already have the 'PermitRootLogin no'
set in the /etc/ssh/sshd_config file.  This forces me to login using a
regular user and then su to root if needed, which is what I want.  I need
one workstation to be able to login to this machine (actually about 5
machines) directly as root for backup purposes using rsync through ssh.  I
have checked the man page for sshd_config and did not see anything
helpful.

OR:  How can I use sudo to allow a regular user to rsync directories from
remote servers with root privileges?  I need to backup files that are only
readable by root.  My rsync scripts run from the backup server, this way
we can keep the admin down to one machine...

Does any of this make any sense or should I just allow root logins through
ssh again (it worked fine then...) and be done with it?

Any help or comments would be greatly appreciated!

Thanks!

Michael Thompson






More information about the TriLUG mailing list