I'm trying a very specific configuration for the AllowUsers directive that follows the logic below: <ul> <li>Allow user1 to ssh from host1 </li> <li>Deny user1 to ssh from any other host</li> <li>Allow all other users from any host</li> </ul> I've tried the following: <pre class="prettyprint"><code>AllowUsers user1@host1 user1@!* *@* </code></pre> Unfortunately, when ever the @ is present, it negates the previous parameters and no matter what the order is. I have two questions; is there an order to which the parameters within the AllowUsers directive are executed and is the logic above even possible?

sshd_config AllowUsers

I'm trying a very specific configuration for the AllowUsers directive that follows the logic below:

I've tried the following:

AllowUsers user1@host1 user1@!* *@*

Unfortunately, when ever the @ is present, it negates the previous parameters and no matter what the order is.

I have two questions; is there an order to which the parameters within the AllowUsers directive are executed and is the logic above even possible?

536

asked Feb 07 '13 21:02

# Deny user1 from all hosts but host1
DenyUsers user1@!host1,*
# Allow all users from any host that are not denied yet
AllowUsers *@*

answered Oct 06 '22 02:10

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!