Introduction:
Secure Shell (SSH) is a protocol used to connect servers remotely. By default, SSH allows all system users to try and authenticate, which can leave your server vulnerable. To improve server security, it’s a good idea to limit SSH access to only those users or groups who need it. In this article, we will explain how to set up SSH to allow access only to specific users or groups on Linux VPS Hosting.
Prerequisites:
Root access or sudo privileges to edit the SSH configuration files.
Allowing Access to Specific Users:
Step 1: Edit the SSH Configuration File: The SSH configuration file is located at /etc/ssh/sshd_config. You can use any text editor, here we’ll use vi:
Step 2: Allow Access to Specific Users: To restrict SSH access to only certain users, you can use the AllowUsers directive.
1. Add the following line to the SSH configuration file, replacing test and jake with the usernames you want to allow (separated by spaces):
2. Save the file and restart the SSH service to apply the changes:
Now, only root, test, and jake will be able to connect to the server via SSH. Everyone else will be blocked.
You can also allow a specific user to access your server via SSH only from a specific IP address. You can combine the AllowUsers directive with the IP in the SSH configuration file.
So the effect would be that root can log in from anywhere, tester1 only from 192.168.x.1x1, and jake only from 192.1xx.1.xx02. All other users not listed here would be denied access.
Allowing Access to Specific Groups:
A. Create a Group (Optional): If you want to allow access to a group of users, you’ll first need to create a group and add users to it.
1. Create a group: Here we are creating a group named ssh-users.
2. Add users to the group: For example, to add the user tester1:
In this example, we’ve created a group called ssh-users and added user tester1 to it.
B. Configure SSH to Allow the Group:
1. Open the SSH configuration file again:
2. Add the following line, replacing ssh-users with the name of your group:
3. Save the file and restart the SSH service to apply the changes:
Step 4: Verify the Configuration:
Before you log out, it’s a good idea to test the new setup from another terminal session. Make sure the allowed users or group members can still connect, and that everyone else is properly blocked.
Conclusion:
Restricting SSH access to specific users or groups is a simple yet effective method to enhance the security of your Linux VPS Hosting. By following the steps outlined in this article, you’ve taken a proactive step to minimize potential risks and ensure that only authorized individuals can connect to your server. Whether you’re managing a small team or a larger system, these configurations help you maintain control over who has access, reducing the chances of unauthorized entry.
You can contact us through the chat or ticket if you encounter any issues or require help. Our team will assist you.
