Disable SSH Login for User(s)
By Shay Anderson on April 2014
Disabling SSH logins for specific users can be a good idea for security. For example, you may want to disable a user like svn that is used only for internal server commands to control Subversion and the user will never need to login via SSH.

To disable SSH access for particular user edit the /etc/ssh/sshd_config file: # nano /etc/ssh/sshd_configThen add the following lines at the end of the file: # Deny users (space delimited)
DenyUsers user1If the DenyUsers entry already exists in the file use that entry. Close and save the file. Restart the SSH server: # service sshd restart
Stopping sshd: [ OK ]
Starting sshd: [ OK ]Now the user1 user cannot access the server via SSH access. To disable multiple users simply use a space delimiter, for example: DenyUsers user1 user2 user3You can also block all user’s SSH access and only allow specific users to login via SSH access using: AllowUsers user10 user11This would allow only user10 and user11 to access the server via SSH.

It is also possible to deny specific user groups using the DenyGroups entry, or to allow specific user groups using the AllowGroups entry.