February 2020
Intermediate to advanced
666 pages
15h 45m
English
Content preview from Mastering Linux Security and Hardening - Second Edition
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Setting different configurations for different users and groups
On the server side, you can use the Match User or Match Group directive to set up custom configurations for certain users or groups. To see how it's done, look at the example at the very bottom of the /etc/ssh/sshd_config file. There, you'll see the following:
# Match User anoncvs# X11Forwarding no# AllowTcpForwarding no# PermitTTY no# ForceCommand cvs server
Of course, this has no effect since it's commented out, but that's okay. Here's what we see for user anoncvs:
- He can't do X11 forwarding.
- He can't do TCP forwarding.
- He won't have the use of a command Terminal.
- As soon as he logs in, he'll be starting the Concurrent Versioning Service (CVS) server. By not having use of ...