A systems administrator is hardening a public-facing server based on a new security policy. The policy includes the following requirements for SSH access:
Direct root login must be completely disabled.
Only members of the admins group are permitted to connect via SSH.
Which of the following directives, when placed in the /etc/ssh/sshd_config file, will correctly implement all of these requirements?
The correct answer implements both security requirements. The PermitRootLogin no directive completely disables root login via SSH. The AllowGroups admins directive restricts SSH access to only users who are members of the admins group.
The option using AllowUsers admins is incorrect because the AllowUsers directive expects a space-separated list of usernames, not group names.
The option with PermitRootLogin prohibit-password is incorrect because this setting still allows root login using methods other than a password, such as public key authentication. The requirement is to disable direct root login completely.
The option with RequireRootLogin no and PermitGroups admins is incorrect because these are not valid directives in the sshd_config file.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the purpose of the 'PermitRootLogin' directive in SSH?
Open an interactive chat with Bash
What does the 'AllowGroups' directive do in the '/etc/ssh/sshd_config' file?
Open an interactive chat with Bash
Why is 'AllowUsers admins' incorrect in this context?
Open an interactive chat with Bash
CompTIA Linux+ XK0-006 (V8)
Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .