[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Re: Restrict Access to telnet Service



On Fri, 2005-07-08 at 00:12 +0200, harald schwier freenet de wrote:
> Hallo,
> Thanks for your Replay
> > Assuming that your telnet server supports pam and that it's correctly 
> > configured, you probably want your config file to look something like:
> > 
> > auth       required     pam_listfile.so item=user sense=deny 
> > file=/etc/ssh/ssh_denied_users onerr=succeed
> > # stack to go through regular auth mechanism, whatever it is...
> > auth       required     pam_stack.so service=system-auth
> > auth       required     pam_nologin.so
> > account    required     pam_stack.so service=system-auth
> > password   required     pam_stack.so service=system-auth
> > session    required     pam_stack.so service=system-auth
> > session    required     pam_limits.so
> > session    optional     pam_console.so
> 
> Telnet is restrikted if i put these entries in the /etc/pam.d/login file. But now only
> the users in access-file are alowed to log in at the console. How is it possible
> to allow to login at the console to everybody?
Use pam_access instead of pam_listfile. It allows for more specific
access rules.

-- 
Tomas Mraz <tmraz redhat com>


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]