0

I have a Macintosh server computer with 3 users: admin, git, and server. Admin is the only administrator on the computer, while git and server are normal users. I can log in to all 3 over ssh, using public key authentication only for admin and server, while password authentication is enabled for git.

In short, I want to be able to log in directly to all 3 accounts via ssh, but only be able to switch accounts using su when I logged in first using admin. Is there a way to configure this in sshd_config?

Alternatively, is there a way you can disable su only for certain users?

The server is a a Mac Mini running macOS 10.13.5 and I am using the SSH server from the sharing menu, if that info is important.

Improve this question
4
  • 1
    Switching users after logging in has nothing to do with sshd.
    – Ignacio Vazquez-Abrams
    Commented Aug 2, 2018 at 21:16
  • Then is there a way to disable it only for users logged in via ssh? Can you disable the privilege for only certain users?
    – Next-Door Tech
    Commented Aug 2, 2018 at 21:21
  • I know it can be done with PAM, but I have no idea how to do it under OS X.
    – Ignacio Vazquez-Abrams
    Commented Aug 2, 2018 at 21:23
  • I believe OS X uses PAM
    – Next-Door Tech
    Commented Aug 2, 2018 at 21:44

0

Reset to default

Browse other questions tagged .