secure ssh server with AllowUsers

Pe linga setarile “PermitRootLogin no” si “Port 1200” din fisierul de configurare a serverului de ssh : /etc/ssh/sshd_config , exista si o optiune, buna din punctul meu de vedere, AllowUsers care permite doar anumitor utilizatori sa se conecteze la ssh. Iata ce zice MAN despre aceasta optiune :

This keyword can be followed by a list of user name patterns, separated by spaces. If specified, login is allowed only for user names that match one of the patterns. ‘*’ and ‘?’ can be used as wildcards in the patterns. Only user names are valid; a numerical user ID is not recognized. By default, login is allowed for all users. If the pattern takes the form USER@HOST then USER and HOST are separately checked, restricting logins to particular users from particular hosts.

deci…. o linie:

AllowUsers secretadmin

in fisierul /etc/ssh/sshd_config , ar putea face minuni

atat.