[TriLUG] SSH root limitation
Jeff Bollinger
jeff01 at email.unc.edu
Tue Oct 22 13:54:52 EDT 2002
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Check out /etc/security/access.conf (RedHat at least)
Jeff
Michael Thompson wrote:
| Is there a way to disable all root logins through ssh EXCEPT when a login
| comes from a certain ip address? I already have the 'PermitRootLogin no'
| set in the /etc/ssh/sshd_config file. This forces me to login using a
| regular user and then su to root if needed, which is what I want. I need
| one workstation to be able to login to this machine (actually about 5
| machines) directly as root for backup purposes using rsync through ssh. I
| have checked the man page for sshd_config and did not see anything
| helpful.
|
| OR: How can I use sudo to allow a regular user to rsync directories from
| remote servers with root privileges? I need to backup files that are only
| readable by root. My rsync scripts run from the backup server, this way
| we can keep the admin down to one machine...
|
| Does any of this make any sense or should I just allow root logins through
| ssh again (it worked fine then...) and be done with it?
|
| Any help or comments would be greatly appreciated!
|
| Thanks!
|
| Michael Thompson
|
|
|
| _______________________________________________
| TriLUG mailing list
| http://www.trilug.org/mailman/listinfo/trilug
| TriLUG Organizational FAQ:
| http://www.trilug.org/~lovelace/faq/TriLUG-faq.html
- --
Jeff Bollinger
University of North Carolina
IT Security Analyst
105 Abernethy Hall
mailto: jeff_bollinger at unc dot edu
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE9tZDsvoVlxVBmgsURAhvdAKDpiewUQhWw0hqKgkjbebVIVzW0OACfbz4U
NpdQn3LgkW89FjFujYEMPIk=
=OQvV
-----END PGP SIGNATURE-----
More information about the TriLUG
mailing list