Unix command to add user to AllowUsers list for SSH access?

Question

I understand that to allow a web user access to SSH, I have to open up /etc/ssh/sshd_config and manually add each username to the list and restart sshd.

I built a small custom bash script to create users, do other setup, etc. Is there a command to add each user to the AllowUsers list in sshd_config? This would be extremely helpful vs doing it manually all the time. Or if I delete a user, have it removed from the list automatically?

Might be a question for [unix.se] – OneCricketeer Feb 21 '18 at 07:07 — OneCricketeer, Feb 21 '18 at 07:07

F. Hauri - Give Up GitHub · Accepted Answer · 2018-02-21T07:33:56.743

2

You may have to ensure user could log in for command line:
```
getent passwd $USER
usertoto:x:1234:1234:User Toto,,,:/home/usertoto/:/bin/false
```
The last field is the shell to start, ``false'' will not let usertoto open any command line terminal.

This could changed by
```
chsh -s /bin/sh usertoto
```
Using a group instead of a list of user

You could create a group, allowed to log in, than add users into this group. This could by simplier than edit manually user list into sshd config.

See AllowGroups in man sshd_config and man adduser
```
adduser usertoto sshallowed
```

edited Feb 21 '18 at 07:33

answered Feb 21 '18 at 07:27

F. Hauri - Give Up GitHub

64,122
17
116
137

Thanks a lot, exactly what I was looking for! – peppy Feb 21 '18 at 21:10
1

Useful command: sed -i -e 's/AllowUsers $.*$/\0 the-user/g' /etc/ssh/sshd_config – Federico Jan 26 '21 at 09:22
@Federico Thanks. Typo: Remove the parenthesis around the .* – Ariel Oct 28 '22 at 01:52

Unix command to add user to AllowUsers list for SSH access?

1 Answers1