Russ Kay wrote:
... Say I have a server with 8 IPs. I want to disallow root login to 7
of the IPs, and on the 8^th I want to ONLY allow root to login (via
SSH). ...
With OpenSSH, try "man sshd_config". There is this file (usually
/etc/ssh/sshd_config, though some systems have /etc/sshd_config instead)
that configures sshd. The options that you want are "ListenAddress",
"PermitRoot", and "AllowUsers". I have not tried this, but you should be
able to set "ListenAddress" to override the default of all (eight) local
addresses.
You will need two config files. Once they are ready, start sshd like this:
# sshd -f /etc/ssh/sshd_config_for_users
# sshd -f /etc/ssh/sshd_config_for_root
If you want to restart sshd, terminate or kill them first with pkill or
killall:
# pkill -15 sshd
# pkill -9 sshd
- George Koehler
