[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Problem with pam_access



Hi Jon, Thanks for the reply. 
Unfortunately it's not what I exactly need.
I need to configure restrictions like these:
 - user A is allowed to login only from X.X.X.X
 - user B is allowed to login only from X.X.X.X/MM

etc..


On Wed, 11 Feb 2009 07:52:49 -0500, Jon Miller <jonebird gmail com> wrote:
> Typically pam_access is used in targeting select groups or netgroups. If
> you
> trying to restrict access based on the source IP address, then the best
> option for accomplishing that is using iptables. Even if you are still
> targeting select groups to have access, I would still recommend combining
> iptables for just the IP restrictions.
> 
> -- Jon Miller
> 
> On Wed, Feb 11, 2009 at 7:38 AM, bluesman <bluesman bluesman it> wrote:
> 
>>
>> Hi Guys,
>>  My first mesage to this list, so nice to meet you :) Here's the
problem:
>> In order to restrict access to our clients, we are implementing
>> pam_access
>> module. The configuration is working fine, but there is some problem in
>> defining the "from" field.
>>  During the authentication, if the module is able to (reverse) resolve
>>  the
>> IP, it *wants* to find the DNS name in the access.conf, ignoring the
line
>> even if the IP or subnet is defined. As a workaround, i added all DNS
>> names
>> and IP in the config. but this will make impossible for me to define IP
>> ranges.
>> Do someone know how to solve this problem?
>>
>> Hope I've been clear enough.
>> Thanks in advance.
>>
>> Diego Roccia
>>
>> _______________________________________________
>> Pam-list mailing list
>> Pam-list redhat com
>> https://www.redhat.com/mailman/listinfo/pam-list
>>
> 


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]