Once the Linux machine
joined with any Active Directory Domain, all the AD users can get SSH login on
the machine with regular user privileges to avoid this access can manage using
realm command.
[root@linuxcnf
~]# cat /etc/redhat-release
CentOS
Linux release 8.5.2111
[root@linuxcnf
~]#
|
1. Allow SSH Access for one User: Run the following command to allow SSH access for a
user:
[root@linuxcnf
~]# realm permit user@linuxcnf.com
|
2. Allow SSH Access for more than a User: Run the below command to allow one or more than a
User:
[root@linuxcnf
~]# realm permit user@linuxcnf.com user1.linuxcnf.com user2@linuxcnf.com
|
3. Allow SSH Access for a Group: Run the following command to allow SSH access for a group:
[root@linuxcnf
~]# realm permit –g group1
|
3. Allow SSH Access for more than a Group: Run the below command to allow SSH access for more
than a Group:
[root@linuxcnf
~]# realm permit –g group1 group2 group3
|
Done! Now
the permitted users and groups only can get SSH access on the machine.
would you have to realm deny --all first?
ReplyDelete