Block All Users But One From SSH Access
I can currently log in to my server via ssh as root. There may be some other users, however, that have ssh access. I want to block out any possible logins except from root. How can I do this?
Thanks.
Solution 1:
So you can achieve your stated desire with the AllowUsers directive in your sshd_config file, for example:
$ grep AllowUsers /etc/ssh/sshd_config
AllowUsers root
However I would be wary of using the root account for ssh - consider instead an unprivileged account for normal use, using something like sudo to acquire root privileges only when needed.
Solution 2:
From man sshd_config:
AllowUsers
This keyword can be followed by a list of user name patterns, separated
by spaces. If specified, login is allowed only for user names that match
one of the patterns. Only user names are valid; a numerical user ID is
not recognized. By default, login is allowed for all users. If the pattern
takes the form USER@HOST then USER and HOST are separately checked,
restricting logins to particular users from particular hosts. The
allow/deny directives are processed in the following order: DenyUsers,
AllowUsers, DenyGroups, and finally AllowGroups.
See PATTERNS in ssh_config(5) for more information on patterns.
Btw, please don't allow password login for your root user. Only allow ssh keys or, even better, just allow a specific user to log in and change to root, but not root directly.
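Added example (not part of either answer, and not OpenSSH's own code): a simplified Python model of the processing order quoted from the man page, useful for predicting who a given set of directives lets in before reloading sshd. It assumes only `*` and `?` wildcards, plain wildcard matching on HOST, and no Match blocks; the helper names and sample configs are constructed for illustration.

```python
import re

def _match(pattern, value):
    """One pattern: '*' matches any run of characters, '?' exactly one."""
    regex = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c)
                    for c in pattern)
    return re.fullmatch(regex, value) is not None

def _user_matches(patterns, user, host):
    """True if any USER or USER@HOST pattern matches this login attempt."""
    for pat in patterns:
        upat, sep, hpat = pat.partition("@")
        if _match(upat, user) and (not sep or _match(hpat, host)):
            return True
    return False

def _group_matches(patterns, groups):
    return any(_match(p, g) for p in patterns for g in groups)

def parse(config_text):
    """Collect the four lists; keywords are case-insensitive, repeated lines add up."""
    lists = {"denyusers": [], "allowusers": [], "denygroups": [], "allowgroups": []}
    for line in config_text.splitlines():
        words = line.split()
        if words and not words[0].startswith("#") and words[0].lower() in lists:
            lists[words[0].lower()] += words[1:]
    return lists

def login_allowed(cfg, user, groups, host):
    """Checks in the documented order: DenyUsers, AllowUsers, DenyGroups, AllowGroups."""
    if _user_matches(cfg["denyusers"], user, host):
        return False
    if cfg["allowusers"] and not _user_matches(cfg["allowusers"], user, host):
        return False  # an AllowUsers list exists and this user is not on it
    if _group_matches(cfg["denygroups"], groups):
        return False
    if cfg["allowgroups"] and not _group_matches(cfg["allowgroups"], groups):
        return False
    return True  # with no directives at all, every user is allowed (the default)

# Constructed sample configurations (addresses are documentation ranges).
ROOT_ONLY = parse("AllowUsers root\n")
ADMIN_FROM_LAN = parse("# constructed\nAllowUsers admin@192.0.2.*\nDenyGroups contractors\n")

if __name__ == "__main__":
    for who in ("root", "alice"):
        print(who, login_allowed(ROOT_ONLY, who, [who], "203.0.113.5"))
```

On a real server, `sshd -t` checks the edited file for syntax errors and `sshd -T` prints the effective configuration; keep an existing session open while testing so a mistake does not lock you out.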