限制SSH用户的访问权限是提高系统安全性的重要措施。以下是一些常见的方法来限制SSH用户的访问权限:
云服务器
物理服务器
虚拟主机
跨境电商服务器sshd_config 文件编辑 /etc/ssh/sshd_config 文件,可以全局或针对特定用户进行配置。
限制登录用户:
AllowUsers user1 user2 user3
这将只允许 user1, user2, 和 user3 用户通过SSH登录。
限制登录组:
AllowGroups group1 group2
这将只允许属于 group1 和 group2 组的用户通过SSH登录。
禁止root登录:
PermitRootLogin no
限制登录时间:
Match User user1
ForceCommand internal-sftp
PasswordAuthentication no
PermitRootLogin no
AllowTcpForwarding no
X11Forwarding no
PermitTTY no
AllowAgentForwarding no
PermitOpen any
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForwarding yes
AllowAgentForwarding yes
AllowX11Forwarding yes
PermitTTY yes
AllowStreamLocalCommand yes
AllowTcpForward辰迅云「云服务器」,即开即用、新一代英特尔至强铂金CPU、三副本存储NVMe SSD云盘,价格低至29元/月。点击查看>>
推荐阅读: centos stream8如何创建虚拟机