This tutorial will show how to enable or disable SSH access for the user or group by making a few changes in SSH default configuration file.
To do that, you should log in to your VPS as root or user with sudo privileges.
1. Enable SSH access to a particular user or group on VPS
1.1. To allow SSH access for a particular user, for example, test, edit sshd_config file:
sudo vi /etc/ssh/sshd_config
1.2. Press "i" to enter into insert mode and add or edit the following line:
AllowUsers test
Note 1: Please take note of the space between "AllowUsers" and "test." Instead of using the Space-bar, you should use the Tab key. To put it another way, type "AllowUsers" and then press the Tab key to provide the username of your user. _
1.3. Also, you can specify more than one user:
AllowUsers test1 test2
1.4 To allow an entire group, for instance, root, add or modify the following line:
AllowGroups root
This will allow all the users of the "root" group to connect to a server via SSH.
1.5. After saving changes in SSH default configuration file, you should restart SSH service to take effect the changes with this command:
sudo systemctl restart sshd
If one of the non-allowed users try to log in, the user should receive the following message:
Permission denied, please try again.
2. Disable SSH access to a user or group
2.1. To disable SSH access to specific user called "test1", you will need to edit sshd_config file:
sudo vi /etc/ssh/sshd_config
2.2. Add or modify the following line in sshd_config file.
DenyUsers test1
2.3. To deny SSH access to multiple users, specify the usernames with space separated as shown below:
DenyUsers test1 test2
2.4. To disable SSH access to an entire group, for example, root, add the following line:
DenyGroups root
2.5. After saving these changes, restart ssh service:
sudo systemctl restart sshd
Now blocked users our groups will not be able to log in to the server via SSH.