By default CentOS allows ssh access to all users who can authenticate with the server. This can be a security risk especially when you have setup the server to authenticate against an Active Directory domain. In this case all the users on the domain can login via ssh to your CentOS server. You can, however, very easily restrict logins to specific users, computers, or even users on specific computers.

To do this, edit /etc/ssh/sshd_config by adding the AllowUsers directive in the following format.

AllowUsers user@host

This allows the user ‘user’ to login at the host named ‘host’. Multiple users can listed by separating each with a space. You can also use * to specify wildcards. You can also specify IP addresses and ranges using *.

AllowUsers *@192.168.1.* johndoe@192.168.1.3

This will allow all users to log into all computers with address starting with 192.168.1 and the user johndoe to log only into the with IP address 192.168.1.3.

This will work for other Linux OSes as well.

 

I found out today that HyperTerminal is no longer included in Windows Vista when I wanted to connect to the console port of a switch. You can still get HyperTerminal Personal Edition from Hilgraeve, the company Microsoft licensed the software from. The better alternative is Putty. With Putty you can also have Raw, Telnet, Rlogin, and SSH sessions in addition to Serial. You can download Putty from here.

© 2012 !NSFW Suffusion theme by Sayontan Sinha