[Freeipa-users] About AllowGroups with sshd
Jakub Hrozek
jhrozek at redhat.com
Tue Sep 13 08:21:39 UTC 2016
On Mon, Sep 12, 2016 at 10:00:57AM -0600, Jose Alvarez R. wrote:
> Hello
>
>
>
> I have an question
>
>
>
> I have an FreeIPA 3.0 server(CentOS 6) with some clients servers(CentOS 6).
> I wants enable root a two servers this servers, because they are backup
> servers.
>
>
>
> I add theses lines in /etc/ssh/sshd_config of a client server.
>
>
>
> AllowUsers root at 192.168.20.2
>
> AllowUsers root at 192.168.20.90
>
> PermitRootLogin yes
>
>
>
> This working, but when try login with my user IPA, I can't login.
>
>
>
> I add the line "AllowGroups" with my group of users_IPA
>
>
>
> AllowGroups <group_user>
>
>
>
> But not working, Can you help me ?
>
>
>
> Thanks, Regards
>
>
>
> Jose Alvarez.
I know I'm not answering your question directly, but isn't it better to
use HBAC with IPA and centralize the access control rather than edit
config files on the clients?
More information about the Freeipa-users
mailing list