Hi MCG,
Don't know the reason why you want to enable remote root logins, but:
man sshd_config says:
---
AllowUsers
This keyword can be followed by a list of user name
patterns, separated by spa- ces. If specified, login is allowed only
for user names that match one of the patterns. Only user names are
valid; a numerical user ID is not recognized. By default, login is
allowed for all users. If the pattern takes the form [EMAIL PROTECTED] then
USER and HOST are separately checked, restricting logins to particular
users from particular hosts. The allow/deny directives are processed
in the following order: DenyUsers, AllowUsers, DenyGroups, and finally
AllowGroups.
---
So, if you have "DenyUsers root" that's it - no root logins...
Better would be setup:
PermitRootLogin no
AllowUsers normaluserid
Get some help from "su -" and/or "sudo "
PS: Use ssh -vvv to get more debug messages...
On Tue, 30 Jan 2007 16:29:13 +0800 / MCG ZHUANG Liang wrote:
With a subject: AllowUser, DenyUser don't work.
> Hello,
> I try to restrict some kind of login through AllowUser and DenyUser
> but failed.
> openssh version: 4.5
> What I want: disable root login from network outside 192.17.0.0
> What I wrote into /etc/ssh/sshd_config
> ***************************
> DenyUsers root
> AllowUsers [EMAIL PROTECTED]
> ***************************
> However, after that not only root can not login from anywhere, but all
> the other accounts are also disabled
>
> Anything I did wrong?
>
> Regards,
> Zhuang Liang.
>
>
>
>
>
> .
>
--
Rgds,
Kamchybek Jusupov
Attitude is no substitude for competence...
GPG Key: C565 2827 0858 ECFE 74D7 A556 7B09 59DA B6C8 FF8C
