On Mon, Sep 12, 2016 at 10:00:57AM -0600, Jose Alvarez R. wrote: > Hello > > > > I have an question > > > > I have an FreeIPA 3.0 server(CentOS 6) with some clients servers(CentOS 6). > I wants enable root a two servers this servers, because they are backup > servers. > > > > I add theses lines in /etc/ssh/sshd_config of a client server. > > > > AllowUsers root@192.168.20.2 > > AllowUsers root@192.168.20.90 > > PermitRootLogin yes > > > > This working, but when try login with my user IPA, I can't login. > > > > I add the line "AllowGroups" with my group of users_IPA > > > > AllowGroups <group_user> > > > > But not working, Can you help me ? > > > > Thanks, Regards > > > > Jose Alvarez.
I know I'm not answering your question directly, but isn't it better to use HBAC with IPA and centralize the access control rather than edit config files on the clients? -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project