prevent-user-ssh-login
Uncategorized

Prevent User SSH Login

Prevent User SSH Login

When you want to share your Linux user account to allow other user to access your computer for specific tasks.
For example, login your FTP (Ignore the anonymous login)
You will provide the user account name and password for other user.
However, on that time your system will be in danger if the user wants to access to your computer with other daemon, such as SSH.

Prevent User SSH Login
Sharing account for public user to access into your FTP Server

Prevent User SSH Login
Somehow, public user can access to your system by using other daemon, such as SSH.
Public user can destroy your data

So, how to prevent that situation ?
Shutdown your SSHD is one of method, but if you need to remote control to your computer.
This is not a good idea.

Before you launch the daemon or user account.
You should limit the user account permissions.

Prevent User SSH Login
Type

sudo gedit /etc/passwd

(use any text editor to open /etc/passwd with root permission)

Prevent User SSH Login
Search your target user accounts to modify the user account which you would like to limit its permissions.

Prevent User SSH Login
modify /bin/bash to /sbin/nologin

Prevent User SSH Login
And now try to access the computer with SSH.
However, you should no longer to access the specific accounts.