Hi all,
Am I missing something? According to the man pages this should work:
# cat /etc/ssh/sshd_config.d/01-permitrootlogin.conf
PermitRootLogin yes
DenyUsers root@!192.168.1.1
Allow root login but ONLY when it's not from 192.168.1.2. Well, that's not working...
However, changing the configuration will make it work:
PermitRootLogin yes
DenyUsers root@*,!192.168.1.2
Doing some searches I bumped into this: https://access.redhat.com/solutions/4494281
"We were fixing several bugs in pattern and conditions parsing."
The article mentioned is from April 2022 but the issue is still there in CentOS Stream 9. Am I misreading the man pages or is the bug ("feature") still not fixed?
langeman
OpenSSH - DenyUsers negate
Re: OpenSSH - DenyUsers negate
I think you are misreading that KB article. It seems to be telling you that the format from 6.6p1 onwards will be the pattern that tell you to grep for.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke