Optional: Whitelist static users for login
authorAxel Huebl <axel.huebl@web.de>
Sat, 4 Jan 2014 23:46:55 +0000 (00:46 +0100)
committerAxel Huebl <axel.huebl@web.de>
Sat, 4 Jan 2014 23:46:55 +0000 (00:46 +0100)
Quite conservative but useful for systems with a very limited number
of allowed system users for SSH.

src/practical_settings/ssh.tex

index 2f8c1fc..b6af655 100644 (file)
@@ -14,6 +14,9 @@
        Ciphers aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes128-ctr
        MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160
        KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1
+
+        # In addition, you can whitelist only specific users for SSH login
+        # AllowUsers user1 user2
 \end{lstlisting}
 
 \textbf{Note:} Older Linux systems won't support SHA2. PuTTY (Windows) does not support