Subject: Re: brain dead question: remote user restrictions
To: None <port-cobalt@netbsd.org>
From: Christopher Schultz <chris@christopherschultz.net>
List: port-cobalt
Date: 11/17/2005 09:23:11
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig656BDDA7D6D4A96E4289D92D
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Brian,
> Nov 17 09:56:35 bmcewen sshd[23706]: User <user> from <IP> not allowed
> because not listed in AllowUsers
>
> for the life of me I can't 'locate' an AllowUsers
> file as mentioned by sshd
The file you're looking for is 'sshd_config', and it's usually in
/etc/sshd, but could be somewhere else depending on how you installed it.
If you look at the man page for 'sshd_config', it has this to say about
the "AllowUsers" setting:
AllowUsers
This keyword can be followed by a list of user name patterns,
separated by spaces. If specified, login is allowed only for
user names that match one of the patterns. `*' and `?' can be
used as wildcards in the patterns. Only user names are valid; a
numerical user ID is not recognized. By default, login is
allowed for all users. If the pattern takes the form USER@HOST
then USER and HOST are separately checked, restricting logins to
particular users from particular hosts.
My guess is that you've set up something for AllowUsers and you simply
need to add your new user to this list.
-chris
--------------enig656BDDA7D6D4A96E4289D92D
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFDfJJP9CaO5/Lv0PARAvU+AJ9aEB8fyOd02Paz9xDB/ru6hj/KFwCfcdYj
xuBgw7M+hRvJURgmSlAjoj0=
=TB+1
-----END PGP SIGNATURE-----
--------------enig656BDDA7D6D4A96E4289D92D--