Kevin Chan:
> Hi, I was wondering if it is possible for root access to be strictly
> limited to using su (i.e., not able to do ssh root@whatever or to ssh into
> a server as root from windows/mac client). Currently we have 2 machines
> running SSH(1) on version 1.2.27.
>
> So if anyone has an idea, please let me know.
You can use 'DenyUser root' in /etc/sshd_config or whereever your
config-files on the server with sshd is. I think you have to HUP the
sshd in order for the changes to have effect.
(This is fairly well described in man sshd(8), so I recommend having a
look there as there are also other allow/deny rules for user/group/host
that may be of interest.)
Magni :)
--
ulimit is good for you.
