Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Block password authetication on specific  user on Linux

Posted on 2013-05-17
3
Medium Priority
?
605 Views
Last Modified: 2013-05-17
Hi,
I need to block password authentication for only specific users on Linux server, and leave key
option only. User can't be blocked to use password for other protocols like ftp

All changes should be done in sshd_config file
For UNIX I use following but it block all users on Linux

PasswordAuthDenyUsers user1 user2 user3
ChallRespAuthDenyUsers  [pam] user1 user2 user3

Thanks
0
Comment
Question by:IKeystone
3 Comments
 
LVL 27

Expert Comment

by:skullnobrains
ID: 39175602
create a group for your user in sshd_conf and deny whatever types of authentication you need in that group
0
 

Author Comment

by:IKeystone
ID: 39175815
Can you send me an example ?
0
 
LVL 31

Accepted Solution

by:
serialband earned 2000 total points
ID: 39176279
I believe the following should work on your linux system.

Create a group named keyonly and put your users in it.

Then add the following to /etc/ssh/sshd_config

Match Group keyonly
      PasswordAuthentication no
      ChallengeResponseAuthentication yes



You could also just match individual users.
Match User User_Name
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

FreeBSD on EC2 FreeBSD (https://www.freebsd.org) is a robust Unix-like operating system that has been around for many years. FreeBSD is available on Amazon EC2 through Amazon Machine Images (AMIs) provided by FreeBSD developer and security office…
I have written articles previously comparing SARDU and YUMI.  I also included a couple of lines about Easy2boot (easy2boot.com).  I have now been using, and enjoying easy2boot as my sole multiboot utility for some years and realize that it deserves …
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.
Suggested Courses
Course of the Month10 days, 22 hours left to enroll

571 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question