Chris Boyd wrote:
You can keep compromised accounts from logging in via ssh with the "AllowUsers" option in your /etc/ssh/sshd_config file. Add that option followed by a list of user names that you want to be able to log in, ex:
# Only let Fred Guru and Joe Admin in, block anyone # else even if they have a valid password. AllowUsers fred joe
And you should also set "PermitRootLogin no" while you are in sshd_config.
Be sure to do a "service sshd restart" after you change the file, and do a test login _before_ you log out of your current session. Saves cursing and late night drives to remote servers in case sshd barfs somehow :-)
--Chris
Nice tip - AllowUsers added to the Wiki page on securing SSH:
http://wiki.centos.org/HowTos/Network/SecuringSSH
Thanks!
Ned