On 1/20/06, Vladimir Levijev <[EMAIL PROTECTED]> wrote: Hi,
> > > You forgot to mention the DenyUsers part: > > > > > > DenyUsers '*' > > > AllowUsers myuser > > > > I think you'll find that'll stop any users matching the DenyUsers pattern > > (ie all of them). > > > > You only need AllowUsers; if set then users not matching it (or > > AllowGroups) will be denied. > > Why don't you try, before you "think". Or at least, read the fine > manual. Here is a hint: > > man sshd_config | grep Users -A9 Sorry, my bad. It appeared, that parameter takes values without the quotes. So it acts really strange way if you add '*' (quoted) value. When I tested what I've proposed (I've tested it with unprivileged user and root, adding unprivileged user to AllowUsers) I could not login with root any longer (usually I can) but could with the user. So it looked like it works. Now I figured if I add * (unquoted) value to DenyUsers it denies all. And the option AllowUsers works fine (accept only listed) alone. My apologies, -- [EMAIL PROTECTED]
