Subject: Re: brain dead question: remote user restrictions
To: None <>
From: Christopher Schultz <>
List: port-cobalt
Date: 11/17/2005 09:23:11
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit


> Nov 17 09:56:35 bmcewen sshd[23706]: User <user> from <IP>  not allowed
> because not listed in AllowUsers
> for the life of me I can't 'locate' an AllowUsers
> file as mentioned by sshd

The file you're looking for is 'sshd_config', and it's usually in
/etc/sshd, but could be somewhere else depending on how you installed it.

If you look at the man page for 'sshd_config', it has this to say about
the "AllowUsers" setting:

        This keyword can be followed by a list of user name patterns,
        separated by spaces.  If specified, login is allowed only for
        user names that match one of the patterns.  `*' and `?' can be
        used as wildcards in the patterns.  Only user names are valid; a
        numerical user ID is not recognized.  By default, login is
        allowed for all users.  If the pattern takes the form USER@HOST
        then USER and HOST are separately checked, restricting logins to
        particular users from particular hosts.

My guess is that you've set up something for AllowUsers and you simply
need to add your new user to this list.


Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Thunderbird -