Hi,

How can I block SSH to root from a user account?

Hello,

Change the password? Or do you mean prevent them from "su"ing to root...

I think on RedHat (unlike FreeBSD), the best you can do is to set: "PermitRootLogin yes" to "no" in your /etc/ssh/sshd_config, so that you can't ssh to root, but you have to su from a user. But this still won't prevent a user from su-ing.

John

What I mean is the follow:

A user of a domain login with is login with SSH
When he goes to a higher lever he geet access.
The usr can go till / and open the folder: root ect.

That is what I like to block.
He can login in SSH for his domail but not going outside his domain

A user can still go into any directory, but cannot remove/edit/create files in anyother directory other than that users home.

The only way to stop this is by disabling SSH for users, or installing a SSH jail.

Originally posted by RingToons
The usr can go till / and open the folder: root ect.
The user should not be able to open the /root directory or see files that are not marked readable for world or for his username.

If your user can do that, then you've got a serious permissions problem.

In any event, allowing anyone SSH is definitely a security risk; we don't allow it except by special need, and then we require a written agreement of liability.

Jeff