You can restrict users as well as groups to execute all commands over ssh without having access to the server.
- The first step is to add a new option in /etc/ssh/sshd_config file as follows:
- For user restriction, add the following and make sure to replace the username with the actual username:
Match User username
PermitTTY no
- For group restriction, add the following and make sure to replace testgroup with the actual group:
Match Group testgroup
PermitTTY no
- Reboot the server or restart the service until the new change takes effect.
systemctl restart sshd