I have testuser
and I want that user to be able log-in locally, but not via ssh
. How can I implement that?
Asked
Active
Viewed 3,798 times
22

Aquarius_Girl
- 391

Sergiy Kolodyazhnyy
- 105,154
- 20
- 279
- 497
2 Answers
16
Artyom answer is correct. I'd just like to point that there is also the possibility to opt for a 'white-list' approach instead of the 'black-list' one by putting a line like this in /etc/ssh/sshd_config:
AllowUsers AuthorizedUser1 AuthorizedUser2
and reloading ssh service (service ssh restart
)
Then every other user will be denied ssh access (be careful not to lock yourself out ;-) )

e-Jim
- 261
AllowUser AuthorizedUser1@[ip-address]
I believe. This should only allow that specific user when coming from the mentioned IP address – vrms Apr 05 '19 at 20:28